General
Target: NEAS.85217b075392b28c991e9f0fc938c470.exe
Size: 233KB
Sample: 231021-z9hs5seh4y
MD5: 85217b075392b28c991e9f0fc938c470
SHA1: cf4e54ab772597ccd8f9da447ac6aa475f4c4c86
SHA256: 7c2157f00b35563c25f3d16b244273ff81e61fbb3d2a7f8779ee382c7402c29b
SHA512: 673f7e77c9c9d760b2bd15ae33ad443bfa803fe28a17df82776278e131489d2058ca1e7e881f04bba5be8ddf22efcc16e71c8ac3197a41ea67bbb587c1e29d78
SSDEEP: 6144:RqlIyFESWu0SWu2s8PxqlIyFESWu0SWu2s8Pt:tyosQyose
Static task: static1
Behavioral task: behavioral1
Sample: NEAS.85217b075392b28c991e9f0fc938c470.exe
Resource: win7-20231020-en
Behavioral task: behavioral2
Sample: NEAS.85217b075392b28c991e9f0fc938c470.exe
Resource: win10v2004-20231020-en
Malware Config
Targets
Target: NEAS.85217b075392b28c991e9f0fc938c470.exe
Score: 9/10

Renames multiple (1055) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.

Renames multiple (225) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.

Executes dropped EXE

Loads dropped DLL

Drops file in System32 directory