Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    2024-10-18_b7398c0528c864d34332673105796a6e_ryuk

  • Size

    1.1MB

  • Sample

    241018-cerq8sshpl

  • MD5

    b7398c0528c864d34332673105796a6e

  • SHA1

    760cd21da88a1e492afcef111f036fab93d0a485

  • SHA256

    31816135adc265b101a8edc66cd30cfacbff29e808063982cacb04b0e1a2018d

  • SHA512

    ba443806c578cec45bdc40716413afc806d7155cade9dbf79c27b3bff55a24c082ffc4ef1644143e00fe0491ac281d30ec9d85ae51d0a533ea00ff10df8f2cf9

  • SSDEEP

    24576:7Si1SoCU5qJSr1eWPSCsP0MugC6eTvmMPtkSfhcGXv44a8RxJ:7S7PLjeTnPiSfhhvEU

Malware Config

Targets

    • Target

      2024-10-18_b7398c0528c864d34332673105796a6e_ryuk

    • Size

      1.1MB

    • MD5

      b7398c0528c864d34332673105796a6e

    • SHA1

      760cd21da88a1e492afcef111f036fab93d0a485

    • SHA256

      31816135adc265b101a8edc66cd30cfacbff29e808063982cacb04b0e1a2018d

    • SHA512

      ba443806c578cec45bdc40716413afc806d7155cade9dbf79c27b3bff55a24c082ffc4ef1644143e00fe0491ac281d30ec9d85ae51d0a533ea00ff10df8f2cf9

    • SSDEEP

      24576:7Si1SoCU5qJSr1eWPSCsP0MugC6eTvmMPtkSfhcGXv44a8RxJ:7S7PLjeTnPiSfhhvEU

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks