Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

f5012741a1...ed.exe

windows7-x64

9

f5012741a1...ed.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f5012741a116a4128fde6082553bf38a0f4edb9160ef194dea5fe08cc446caed

  • Size

    38KB

  • Sample

    240503-f23nssab82

  • MD5

    c8788c6e2cbdfc2f868570d423166bc4

  • SHA1

    9a674083e94268e2a325f5171798caa055b7da48

  • SHA256

    f5012741a116a4128fde6082553bf38a0f4edb9160ef194dea5fe08cc446caed

  • SHA512

    dd1fb9d4bb6af39f2db1cf464b1368ad16594f6f60792dd2efaa7da4473e8c19c325618e0d66c07cdc2ce254ced8d5b6af891d758c6a483fd261238cfc7e9b87

  • SSDEEP

    768:kBT37CPKKIm0CAbLg++PJHJzIWD+dVdCYgck5sIZFlzc3/Sg2aDM9uA9DM9uA1:CTWn1++PJHJXA/OsIZfzc3/QM

Score
10/10
ransomwareupx

Malware Config

Targets

    • Target

      f5012741a116a4128fde6082553bf38a0f4edb9160ef194dea5fe08cc446caed

    • Size

      38KB

    • MD5

      c8788c6e2cbdfc2f868570d423166bc4

    • SHA1

      9a674083e94268e2a325f5171798caa055b7da48

    • SHA256

      f5012741a116a4128fde6082553bf38a0f4edb9160ef194dea5fe08cc446caed

    • SHA512

      dd1fb9d4bb6af39f2db1cf464b1368ad16594f6f60792dd2efaa7da4473e8c19c325618e0d66c07cdc2ce254ced8d5b6af891d758c6a483fd261238cfc7e9b87

    • SSDEEP

      768:kBT37CPKKIm0CAbLg++PJHJzIWD+dVdCYgck5sIZFlzc3/Sg2aDM9uA9DM9uA1:CTWn1++PJHJXA/OsIZfzc3/QM

    Score
    9/10
    ransomwareupx

    • Renames multiple (3785) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware

    • UPX dump on OEP (original entry point)

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks