General
Target: NEAS.128776e83e3d08a07d4572513867d950.exe
Size: 220KB
Sample: 231112-lgb81aeb5w
MD5: 128776e83e3d08a07d4572513867d950
SHA1: abba4635064e8a8814bbd8a04341437741ef9cac
SHA256: dfa1a46d34856fa0d06b6c6bf7581439f88342b4e80d2e12f71069873a66b955
SHA512: e3bbac6401f02857f5a615cc2451cd54f84393a81f19d6badb1d5d9975416591c01f695ebf90ed2b6ebf4f8c7f4a90e1059a812f550b78d77f07e835c1e197d6
SSDEEP: 3072:6e7WpXR9B3NZWGCLOwstyhZFChcssc56FUrgxvbSD4UQrO2Fr:Rqz9ZNoShcHUaV
Static task: static1
Behavioral task: behavioral1
Sample: NEAS.128776e83e3d08a07d4572513867d950.exe
Resource: win7-20231020-en
Behavioral task: behavioral2
Sample: NEAS.128776e83e3d08a07d4572513867d950.exe
Resource: win10v2004-20231023-en
Malware Config
Targets
Target: NEAS.128776e83e3d08a07d4572513867d950.exe
Score: 9/10
Renames multiple (306) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory