General
Target: 2024-10-04_a4299041bef9f44c2d955a0626a0a716_ryuk
Size: 1.6MB
Sample: 241004-t384vsvbrr
MD5: a4299041bef9f44c2d955a0626a0a716
SHA1: 2b3ce458871ed504bce8190052ca9b60fdb6940a
SHA256: ba97205fc5bb87192627febe5ecf9860c0608ceee1c5c74df370a65ba76a0c3e
SHA512: 75805f24c708afdc309c19dda3bac941b0380afc20c09809bc4c87aad2e6ac32178d5f47c6fa7a8cff0af03f3a2ad0affb733f19da54ceea2032870da90b6933
SSDEEP: 24576:a3oH6RhNF4Xx7AMsqjnhMgeiCl7G0nehbGZpbD:UoH0FEBA4Dmg27RnWGj
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-10-04_a4299041bef9f44c2d955a0626a0a716_ryuk.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: 2024-10-04_a4299041bef9f44c2d955a0626a0a716_ryuk.exe
  Resource: win10v2004-20240802-en
Malware Config
Targets
Target: 2024-10-04_a4299041bef9f44c2d955a0626a0a716_ryuk
Score: 7/10
Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
Executes dropped EXE
Drops file in System32 directory