General
-
Target
48689c986eb553e6a7aeba973501b9660cb1418d4ec3ba9d0511f82799d1422c.zip
-
Size
570KB
-
Sample
230311-q192labf4z
-
MD5
cf82682c4101984695f6bec0b7f11b38
-
SHA1
0775e154a080b58b9b71778708c19162e2447821
-
SHA256
90d8071fcbdc74c16258487c86689fa35090169b289233600c3b3dca105a729d
-
SHA512
be19f6e83887f44ee34a769ef816052ed6af540416a94bf881b636ee88d493bdcb39927cb4b72f86ba7ff1652f5d4fb1ee8b422ef176a79f394ddf601a6ed39a
-
SSDEEP
12288:VvBN9Eg7u/4xmMXCnVpp8dwDAldGmKh5++2LRejl719Z4JxPrWH5Q7b2:VJvEOF4MXCnPpXclQhb2AjlV4rDWH5wS
Static task
static1
Behavioral task
behavioral1
Sample
48689c986eb553e6a7aeba973501b9660cb1418d4ec3ba9d0511f82799d1422c.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
48689c986eb553e6a7aeba973501b9660cb1418d4ec3ba9d0511f82799d1422c.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
-
Target
48689c986eb553e6a7aeba973501b9660cb1418d4ec3ba9d0511f82799d1422c.exe
-
Size
645KB
-
MD5
79cdf459683c39e9704a37a6be9bc877
-
SHA1
450d4f351c3dd168e313b309da4bd8a817453d1d
-
SHA256
48689c986eb553e6a7aeba973501b9660cb1418d4ec3ba9d0511f82799d1422c
-
SHA512
2cc3f164e92650c4d4aed7012da7d303d24cdc63565ed744a28cb6d59465189233a128a01f4b807aa972057e0d0d98742c5ca9b41a67bf59f0f115de30eb6bd4
-
SSDEEP
12288:Ya8gND5n7gG2WERaCyDVbdlSQLeYBgdAULx9mutZo5B:YgNDBg3JRaCyDVplSUBgrHtZor
Score: 10/10
-
Avaddon
Ransomware-as-a-service first released in June 2020 and currently expanding its userbase among criminal actors.
-
Avaddon payload
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Drops desktop.ini file(s)
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-