General

  • Target

    NEAS.339208df5bf4765869f50ac9ac5a1860.exe

  • Size

    58KB

  • Sample

    231113-g3wsbaba35

  • MD5

    339208df5bf4765869f50ac9ac5a1860

  • SHA1

    3eeb94b5848e457f4987757d463c972b8e90aaea

  • SHA256

    c374339a084486213d27642d7d644bf321a88ee00bf1cd259e07aae205cc1e4f

  • SHA512

    dd1fdb93b396bb249043811be74e7af624f9ec60cfe78a9016f77688ca34fa89e650a24bdffd71acaa4f2c2e2966c12d8d81a5d4c3e0ef7e19de612e636ace9b

  • SSDEEP

    768:W7BlpDpARFbhYQkQjjD7BlpDpARFbhYQkQjjy:W7ZDpApYbWjD7ZDpApYbWjy

Score
9/10

Targets

    • Renames multiple (2231) files with added filename extension

      This suggests ransomware activity, namely encrypting all the files on the system.

    • Renames multiple (3207) files with added filename extension

      This suggests ransomware activity, namely encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
