Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
NEAS.339208df5bf4765869f50ac9ac5a1860.exe
-
Size
58KB
-
Sample
231113-g3wsbaba35
-
MD5
339208df5bf4765869f50ac9ac5a1860
-
SHA1
3eeb94b5848e457f4987757d463c972b8e90aaea
-
SHA256
c374339a084486213d27642d7d644bf321a88ee00bf1cd259e07aae205cc1e4f
-
SHA512
dd1fdb93b396bb249043811be74e7af624f9ec60cfe78a9016f77688ca34fa89e650a24bdffd71acaa4f2c2e2966c12d8d81a5d4c3e0ef7e19de612e636ace9b
-
SSDEEP
768:W7BlpDpARFbhYQkQjjD7BlpDpARFbhYQkQjjy:W7ZDpApYbWjD7ZDpApYbWjy
Static task
static1
Behavioral task
behavioral1
Sample
NEAS.339208df5bf4765869f50ac9ac5a1860.exe
Resource
win7-20231020-en
Behavioral task
behavioral2
Sample
NEAS.339208df5bf4765869f50ac9ac5a1860.exe
Resource
win10v2004-20231020-en
Malware Config
Targets
-
-
Target
NEAS.339208df5bf4765869f50ac9ac5a1860.exe
-
Size
58KB
-
MD5
339208df5bf4765869f50ac9ac5a1860
-
SHA1
3eeb94b5848e457f4987757d463c972b8e90aaea
-
SHA256
c374339a084486213d27642d7d644bf321a88ee00bf1cd259e07aae205cc1e4f
-
SHA512
dd1fdb93b396bb249043811be74e7af624f9ec60cfe78a9016f77688ca34fa89e650a24bdffd71acaa4f2c2e2966c12d8d81a5d4c3e0ef7e19de612e636ace9b
-
SSDEEP
768:W7BlpDpARFbhYQkQjjD7BlpDpARFbhYQkQjjy:W7ZDpApYbWjD7ZDpApYbWjy
Score9/10-
Renames multiple (2231) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Renames multiple (3207) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-