General
Target: da36f22d5e3df8dd836dbbd71989f721d9b1feb751552a8d181ee22ceea0365f
Size: 53KB
Sample: 220211-g82kraddhq
MD5: 131bbc0b13531f2115cd7b1b3f48fc28
SHA1: 999a9d44da103a63ae072784af080f1b2c718fdf
SHA256: da36f22d5e3df8dd836dbbd71989f721d9b1feb751552a8d181ee22ceea0365f
SHA512: c5f7693370deca2542c5d212f3748251db6870009d5319b81a21b958afa10e2c8003ef847aedd6a9089696bf27a5f6397dbb442aad9a7ea662f8743dd13a0e7b
Static task: static1
Behavioral task: behavioral1
Sample: da36f22d5e3df8dd836dbbd71989f721d9b1feb751552a8d181ee22ceea0365f.exe
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: da36f22d5e3df8dd836dbbd71989f721d9b1feb751552a8d181ee22ceea0365f.exe
Resource: win10v2004-en-20220113
Malware Config
Targets
Target
da36f22d5e3df8dd836dbbd71989f721d9b1feb751552a8d181ee22ceea0365f
Score: 10/10
Suspicious use of NtCreateProcessExOtherParentProcess
Modifies extensions of user files: Ransomware generally changes the extension on encrypted files.
Adds Run key to start application
Drops desktop.ini file(s)