General

  • Target

    2024-10-05_5c5caa62947625786642442365ede125_cobalt-strike_ryuk

  • Size

    5.4MB

  • Sample

    241005-ynh2ca1cjq

  • MD5

    5c5caa62947625786642442365ede125

  • SHA1

    c19377c42c3a30f2506a058e1cd687cb7aa248db

  • SHA256

    13c88eb1100197a2db5ac09f33134f09e4ed9b3414d2ad33dd1bb41f9f63816a

  • SHA512

    70940ccd56b45bb7eb9c4a598a6df8c4e81faae5792765e09be8730640ea26823b659177f79e6c614ed8a35789140abb45a3994ef45d7895b45d19437fa4b26c

  • SSDEEP

    49152:w0kwIi7c4xZlm5knEtw99Kn/2vim7vgv6m+yyJ/0gbvjy7yY7BHi3u7L/gBUUWL0:2wfhY7g/rLO7yYA3awr341gAD527BWG

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks