General
Target: df5b004be71717362e6b1ad22072f9ee4113b95b5d78c496a90857977a9fb415.exe
Size: 949KB
Sample: 240110-sg2bfshfem
MD5: a292fee8d8db83711e72c06d6f82562d
SHA1: 82f88c1af036181ee4e92a2f9338c152d1ff0c58
SHA256: df5b004be71717362e6b1ad22072f9ee4113b95b5d78c496a90857977a9fb415
SHA512: 50a63500809fdc218b3d1cdc2cf402261e1c2d63c6f66088c857b03f6c7e7165835f9959b9d8200541e6f69dd149bdc0f7c0a0801caaeccfe0a9807e7f8289f1
SSDEEP: 12288:RcOlvT7Zom3rITxaVDrd5vUa69Ghj91nlQocyW7/P6E4kKjqnes9PBVW/g:RDJJDbcJ90jtH0bP6ELVne2
Static task: static1
Behavioral task: behavioral1
Sample: df5b004be71717362e6b1ad22072f9ee4113b95b5d78c496a90857977a9fb415.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: df5b004be71717362e6b1ad22072f9ee4113b95b5d78c496a90857977a9fb415.exe
Resource: win10v2004-20231215-en
Malware Config
Extracted
C:\Program Files\instructions_read_me.txt
https://bastad5huzwkepdixedg2gekg7jk22ato24zyllp6lnjx7wdtyctgvyd.onion/
Targets
Target: df5b004be71717362e6b1ad22072f9ee4113b95b5d78c496a90857977a9fb415.exe
Score: 10/10
Renames multiple (2291) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.