General
Target
3138f8369ad54442f46d786bde4ebf38a18e93b05fe8acf34f537129e41270c1
Size
42KB
Sample
240203-vnrrpsgecm
MD5
00d684cb99990cb945126dcfbec26a8b
SHA1
fad3d5bb25b763f5e5ef5e12489ca4337bf5242c
SHA256
3138f8369ad54442f46d786bde4ebf38a18e93b05fe8acf34f537129e41270c1
SHA512
643ed41c1d656c6a7fb964c018862698dcd7cc1a2fd23fd9bcc2f1d91e8678e61e02a4db103998854a5d1177f15d8630aa812ace23d03f6f4b610bb126bcd02e
SSDEEP
768:tO1oR/IVS1RzK4wbs+D/SIJX+ZZ1SQQwZuIOPzDZVgoelP54qWk:tkS1FKnDtkuImYom2qWk
Behavioral task
behavioral1
Sample
3138f8369ad54442f46d786bde4ebf38a18e93b05fe8acf34f537129e41270c1.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
3138f8369ad54442f46d786bde4ebf38a18e93b05fe8acf34f537129e41270c1.exe
Resource
win10v2004-20231222-en
Malware Config
Extracted
C:\MSOCache\All Users\{90140000-0018-0409-0000-0000000FF1CE}-C\+README-WARNING+.txt
Targets
Target
3138f8369ad54442f46d786bde4ebf38a18e93b05fe8acf34f537129e41270c1
Score
10/10
Renames multiple (7023) files with added filename extension
This suggests ransomware activity: encrypting all the files on the system.
Drops file in System32 directory