General

  • Target

    2024-10-25_20489d408d7b0803c3b38e8bd67f4357_ryuk

  • Size

    1.1MB

  • Sample

    241025-y8tnkswakj

  • MD5

    20489d408d7b0803c3b38e8bd67f4357

  • SHA1

    b2a7e97b9c990f51799eec924288b3c2fa5b43c4

  • SHA256

    8a08e89a4664195232bc1ff871c23e8a27cd68b6c33f80ba707af02bbd0d14a4

  • SHA512

    eeea89ec45b044c818df1d5cc0acf3838aafc30d7d2669d02a2d62ec6cbe8585424e9a26f16bc5b6bac1d2c579395b314c91bedf3d092651c12061386eac5dfa

  • SSDEEP

    24576:USi1SoCU5qJSr1eWPSCsP0MugC6eTAjFV3jc6bZbDudO3FZuyj3iqonueY:8S7PLjeTw1IEDcIdSj

Targets

    • Target

      2024-10-25_20489d408d7b0803c3b38e8bd67f4357_ryuk

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Drops file in System32 directory
