Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

dd9ba29e39...70.exe

windows7-x64

9

dd9ba29e39...70.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    dd9ba29e39f279589c477f7044c31cf5f9b85c6edb5b7ce5a3bdd6ca3a854a70

  • Size

    192KB

  • Sample

    221003-qk9e5aghh9

  • MD5

    631099792acfdeba2ae932a7978f54a6

  • SHA1

    5c37f8c0e13375cca7f7ce2e9a96a19f7ef3a70b

  • SHA256

    dd9ba29e39f279589c477f7044c31cf5f9b85c6edb5b7ce5a3bdd6ca3a854a70

  • SHA512

    4bd71a9749dbbada69a536488de9e363005a805415e88a384f3749ecc8fb0fc6bbc3c67a94d4d7bb13934019a68b7080970e571c695680a40b743e4bc7622eba

  • SSDEEP

    3072:8K5hkw3UT6SMhSl/VuyBzNVu5KT2Uj+TDdRJfkpkercz5PWVlI7I5:RkwClw4tfr05KpcRJcpkQcVPWVlD

Score
9/10
persistenceransomware

Malware Config

Targets

    • Target

      dd9ba29e39f279589c477f7044c31cf5f9b85c6edb5b7ce5a3bdd6ca3a854a70

    • Size

      192KB

    • MD5

      631099792acfdeba2ae932a7978f54a6

    • SHA1

      5c37f8c0e13375cca7f7ce2e9a96a19f7ef3a70b

    • SHA256

      dd9ba29e39f279589c477f7044c31cf5f9b85c6edb5b7ce5a3bdd6ca3a854a70

    • SHA512

      4bd71a9749dbbada69a536488de9e363005a805415e88a384f3749ecc8fb0fc6bbc3c67a94d4d7bb13934019a68b7080970e571c695680a40b743e4bc7622eba

    • SSDEEP

      3072:8K5hkw3UT6SMhSl/VuyBzNVu5KT2Uj+TDdRJfkpkercz5PWVlI7I5:RkwClw4tfr05KpcRJcpkQcVPWVlD

    Score
    9/10
    persistenceransomware

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

      ransomware

    • Drops startup file

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks