5e3a20443522cfc18e9257a2568ab775743ce6338a0ca6ed56a547dc348ab7c5 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

3

99781c175a...1b.exe

windows7-x64

9

99781c175a...1b.exe

windows10-2004-x64

9

Sharing

General

Target

99781c175af0d112ef434d4d378d9f1b
Size

194KB
Sample

240409-22ahxage84
MD5

99781c175af0d112ef434d4d378d9f1b
SHA1

ffb0ff5f5b7c5e2f5359495cc76beaf4038fa198
SHA256

5e3a20443522cfc18e9257a2568ab775743ce6338a0ca6ed56a547dc348ab7c5
SHA512

7a7c11a79f351d7b3933f73d215bcad3e8f23af5debb00a5f6325d0d7cd91c1e52c3b36ba2aa8057e84ccdf089a6c1e5b09f3de0b28622a1de303bd82cb8e106
SSDEEP

1536:W7ZQpApjIWe+eoO6OY7ZQpApjIWe+eoO6Ok:6QWpBe+eoO6OYQWpBe+eoO6Ok

Score

9^/10

ransomware

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

99781c175af0d112ef434d4d378d9f1b.exe

Resource

win7-20240319-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

99781c175af0d112ef434d4d378d9f1b.exe

Resource

win10v2004-20240319-en

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  99781c175af0d112ef434d4d378d9f1b
- Size
  
  194KB
- MD5
  
  99781c175af0d112ef434d4d378d9f1b
- SHA1
  
  ffb0ff5f5b7c5e2f5359495cc76beaf4038fa198
- SHA256
  
  5e3a20443522cfc18e9257a2568ab775743ce6338a0ca6ed56a547dc348ab7c5
- SHA512
  
  7a7c11a79f351d7b3933f73d215bcad3e8f23af5debb00a5f6325d0d7cd91c1e52c3b36ba2aa8057e84ccdf089a6c1e5b09f3de0b28622a1de303bd82cb8e106
- SSDEEP
  
  1536:W7ZQpApjIWe+eoO6OY7ZQpApjIWe+eoO6Ok:6QWpBe+eoO6OYQWpBe+eoO6Ok
Score

9^/10

ransomware
- Renames multiple (80) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy