a97e29a94b2e34eaa0808be9f83b9185052302c8742610f82b09ab01eeb35828 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

a97e29a94b...28.exe

windows7-x64

9

a97e29a94b...28.exe

windows10-2004-x64

9

Sharing

General

Target

a97e29a94b2e34eaa0808be9f83b9185052302c8742610f82b09ab01eeb35828
Size

352KB
Sample

240406-bqfmnsgd5y
MD5

5cb8b53a82798ae24cf03e64b1880642
SHA1

d793f243b85e7628627f3ae482e55334097fdc21
SHA256

a97e29a94b2e34eaa0808be9f83b9185052302c8742610f82b09ab01eeb35828
SHA512

de13f267520ce380f23b215d064ce88331f50d5880a77e2a607476d6cf169d715198bb47e1314cf6c3162086dd50519b950b39f6503ecd915aa178e7fafc13be
SSDEEP

3072:PR4jdNqTqHL+3phRrbhGKtW9lMYwIP+XYcpyk7RKKtW9lMYwIP+XYcpyk7Rb:5afYphONs6+X7jINs6+X7j

Score

10^/10

ransomware

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

a97e29a94b2e34eaa0808be9f83b9185052302c8742610f82b09ab01eeb35828.exe

Resource

win7-20240221-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

a97e29a94b2e34eaa0808be9f83b9185052302c8742610f82b09ab01eeb35828.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  a97e29a94b2e34eaa0808be9f83b9185052302c8742610f82b09ab01eeb35828
- Size
  
  352KB
- MD5
  
  5cb8b53a82798ae24cf03e64b1880642
- SHA1
  
  d793f243b85e7628627f3ae482e55334097fdc21
- SHA256
  
  a97e29a94b2e34eaa0808be9f83b9185052302c8742610f82b09ab01eeb35828
- SHA512
  
  de13f267520ce380f23b215d064ce88331f50d5880a77e2a607476d6cf169d715198bb47e1314cf6c3162086dd50519b950b39f6503ecd915aa178e7fafc13be
- SSDEEP
  
  3072:PR4jdNqTqHL+3phRrbhGKtW9lMYwIP+XYcpyk7RKKtW9lMYwIP+XYcpyk7Rb:5afYphONs6+X7jINs6+X7j
Score

9^/10

ransomware
- Detects executables built or packed with MPress PE compressor
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy