General

  • Target

    1ba77f96396468b6dcdef50ebd281c089759b06e9e4fb8c32b2c542c9491b81c.exe

  • Size

    707KB

  • MD5

    cc7a81df71683402ba7a751b7e7aa923

  • SHA1

    a838519630c00d82a4fde0e555c8a4a98e8bae8d

  • SHA256

    1ba77f96396468b6dcdef50ebd281c089759b06e9e4fb8c32b2c542c9491b81c

  • SHA512

    ae18ee37dbbbebb7d1f468b7fb6fe0a9833bad0c5c28a4a866abcb15a27b568286914c23eb12cc7a4ad6755df26c0d1a127a69f9000bddb33114a50ea67d5379

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1n81vnh:6uaTmkZJ+naie5OTamgEoKxLWOxh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1ba77f96396468b6dcdef50ebd281c089759b06e9e4fb8c32b2c542c9491b81c.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56


