General

  • Target

    67502b5734f2120e1d3000a669dcfdb50268cfc465f43f80a51af98ecd2c1c6f.exe

  • Size

    15.2MB

  • Sample

    241016-b9d8yswhqe

  • MD5

    3bf150f007891e160c3aa55e9a737bd3

  • SHA1

    044f5a12dae5f4b7413a9fcf01d2d095144b2823

  • SHA256

    67502b5734f2120e1d3000a669dcfdb50268cfc465f43f80a51af98ecd2c1c6f

  • SHA512

    71dd27b3b9aac6f31605638849d2e599499791a16ea03e35ef807f95ba2864b65fae59565d787bff030e1f6873ae7c013dbee0d5a3e96e29df18cfe413c7a129

  • SSDEEP

    393216:CgyymeloA5Q+kzYugbjl4VRt1oSdhDy0X:CgyymeloA2+N4/t9vDyI

Targets

    • Renames multiple (291) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
