General

  • Target

    2024-10-25_19b8d42bc6dfb6e51677435415894639_cobalt-strike_ryuk

  • Size

    2.2MB

  • Sample

    241025-y79y6ssjhy

  • MD5

    19b8d42bc6dfb6e51677435415894639

  • SHA1

    91914c7e7aaac0887efdd63fe427e1950879bc6d

  • SHA256

    5cb383dc2b3b4d17247f86e50d119ee134a1e05db65d04dfff37697b4e62227a

  • SHA512

    e3892230cb1dfe0a9697ead1ba2558573e72bb7a421bd2ce21db160c688a7d03f44da2fb8c272a12aeb1de887e31b12d5d77190ecc79466a5496ec97998cdb3f

  • SSDEEP

    49152:4fzabJ8llj+SWTi2mkx+X+diHJaN7oz63X:Zbi2iuowX

Targets

    • Target

      2024-10-25_19b8d42bc6dfb6e51677435415894639_cobalt-strike_ryuk

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Drops file in System32 directory
