General
-
Target
4aeb348bd9cdcc8ec42396d66114c1e9945388f71103ccc5e8f042d43c7a8e12.exe
-
Size
4.0MB
-
Sample
230707-npz15sge49
-
MD5
1b97f1c8a03b0f4a6132d8960bc66737
-
SHA1
76c0ff36342891ee632ce856d03af6957d9614e3
-
SHA256
4aeb348bd9cdcc8ec42396d66114c1e9945388f71103ccc5e8f042d43c7a8e12
-
SHA512
04cec2c5d7aa4bcc506c427d245f94bf704019d7749bc35706726722fa6c455c75da79c342dbe05c5805f86322a08edb27679194f024285fee0f79d73ec6ff39
-
SSDEEP
49152:r2r2M/8Y+1zE3usDbOnwsHrYDUFsjVeYBCwyNP4lb3aDVRe+9v2wNNHbEUPTs:O2hdEMX5Re+VHEU7
Static task
static1
Behavioral task
behavioral1
Sample
4aeb348bd9cdcc8ec42396d66114c1e9945388f71103ccc5e8f042d43c7a8e12.exe
Resource
win7-20230703-en
Behavioral task
behavioral2
Sample
4aeb348bd9cdcc8ec42396d66114c1e9945388f71103ccc5e8f042d43c7a8e12.exe
Resource
win10v2004-20230703-en
Malware Config
Targets
Target
4aeb348bd9cdcc8ec42396d66114c1e9945388f71103ccc5e8f042d43c7a8e12.exe
Score
9/10
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Drops startup file
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-