General

  • Target

    8f6c2059cf5957exeexeexeex.exe

  • Size

    3.6MB

  • Sample

    230709-sf3g5adf57

  • MD5

    8f6c2059cf5957bb40360e6731141eef

  • SHA1

    ca23edd9afc15bb0c6b3eb863455b5979797d64d

  • SHA256

    a651d6ef33fac753cd65b088cd33c6be78f8e12db977bd257634cead19131f6f

  • SHA512

    be6df2aae64fe565c073f34fccf36c6ea72c99549c4d815d55c62e950860833a0d393df9e76ea405c4cd14251ff30372ac6a1da45e344df53edef6467eb1b9cd

  • SSDEEP

    98304:XDqPoBhz1aRxcSUDk36SAEdhvxWa9P593R8y:XDqPe1Cxcxk3ZAEUadzR8y

Targets

    • Target

      8f6c2059cf5957exeexeexeex.exe

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3315) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Contacts a large (1478) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
