General

  • Target

    9664768f5ad1faexeexeexeex.exe

  • Size

    5.0MB

  • Sample

    230709-nc4tkacf99

  • MD5

    9664768f5ad1fa15c107ec79a8dc797a

  • SHA1

    0dbb80e9eb16654dd57bf01f8112e15aafea54c5

  • SHA256

    995fc47f5a93290bfb55d81aa2ef7ab8cdc318fede83ad870c1bafceb28e3ea1

  • SHA512

    9cced82693b2e52bce9f478aa29eee2a21be43cf4a974c184f37d097f2ce3c4d96b94c6f3bb5ef3a5953c932c6ebca22976954c9a149c490ac3f9fd72d3b3835

  • SSDEEP

    98304:yDqPoBhz1aRxcSUDk36SAEdhvxWa9P5AR8yAVp2:yDqPe1Cxcxk3ZAEUadiR8yc4

Targets

    • Target

      9664768f5ad1faexeexeexeex.exe

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3234) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Contacts a large (1562) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
