General
Target: conti.exe
Size: 178KB
Sample: 230328-m4kz4aae87
MD5: 8d27d0c897ce21f1036bf659fc663cf2
SHA1: afe3d0fb48092aeca4dcd3989a076e87fdbe69b2
SHA256: 139a8bb2c5537190e747d2f651b423147018fd9a9a21bb36281d4ce1c61727c1
SHA512: 531873e8faaf801a447f70848969865750f41fd5ff15bd8c47015e766a9bb8cc1fbb8dcae16ddbf1e4f9dbc5750af593ef8fdcf94cd1a61efa00c7790cda4374
SSDEEP: 3072:/gq2DKdMbv1S/n6rHBJK3V9LBSLrKa+HQXvMES/D3Yw7yZyYpEaI:/84X/19LUPMcMEw3kTI
Static task: static1
Behavioral task: behavioral1
Sample: conti.exe
Resource: win10v2004-20230220-en
Malware Config
Extracted
C:\Program Files (x86)\warning !!!! Readme bl00dy Gang.txt
https://t.me/bl00dy_Ransomware_Gang
Targets
Target: conti.exe
Score: 10/10
Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
Drops startup file
Drops desktop.ini file(s)