General

  • Target

    57b29058a1e87d599285cf0a07dd82e65a58dbdaae0f2cf77c6999e49bb4be4b

  • Size

    3.6MB

  • Sample

    221026-pwb4bsfgbm

  • MD5

    f863dc33ad476c34dfd139230acebbde

  • SHA1

    126698d59579a0c020b8ec140a0009b0aeb8fc4c

  • SHA256

    57b29058a1e87d599285cf0a07dd82e65a58dbdaae0f2cf77c6999e49bb4be4b

  • SHA512

    f4bab399ada745adf26411984357226a874dcf0b3b611d237d132814ee2b325e1da7e553da9edef35f0251ae8251eeeedbb01b167471f98f938cb0337623c03c

  • SSDEEP

    98304:Z8rPoBhz6aRxcSUDk36SAEdhvxWa9v5y3R8yAdR:Z8rPe6Cxcxk3ZAEUatuR8yA

Targets

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3219) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Detects WannaCry Ransomware

    • Contacts a large (1290) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
