Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

3

63aa8a49c2...eb.exe

windows7-x64

9

63aa8a49c2...eb.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    63aa8a49c27fbf7e4f1148eb794939d916da28a491f1ca2064c9e44b3fa985eb

  • Size

    221KB

  • Sample

    240507-1v878acg83

  • MD5

    3729dcb1d01b0efc189b0fb446910936

  • SHA1

    0b0a0cae17d9bcf01ec6a1a7ca4a17763999cb0c

  • SHA256

    63aa8a49c27fbf7e4f1148eb794939d916da28a491f1ca2064c9e44b3fa985eb

  • SHA512

    d3cf4f756275e3afb766ad18a25367d1a793e824dcfbfb5fa8c012debf0f8288c67e31e9a24ed8f4ebca29d28689377d1d3be3b881dd5f083131f5872182b963

  • SSDEEP

    3072:6rWpcOPxPke+e3fFpsJOfFpsJbgE2GEJdwJdXgZrWpcOPxPke+e3fFpsJOfFpsJC:tFPxPke+eI2GRgAFPxPke+eI2GRgl

Score
9/10
ransomware

Malware Config

Targets

    • Target

      63aa8a49c27fbf7e4f1148eb794939d916da28a491f1ca2064c9e44b3fa985eb

    • Size

      221KB

    • MD5

      3729dcb1d01b0efc189b0fb446910936

    • SHA1

      0b0a0cae17d9bcf01ec6a1a7ca4a17763999cb0c

    • SHA256

      63aa8a49c27fbf7e4f1148eb794939d916da28a491f1ca2064c9e44b3fa985eb

    • SHA512

      d3cf4f756275e3afb766ad18a25367d1a793e824dcfbfb5fa8c012debf0f8288c67e31e9a24ed8f4ebca29d28689377d1d3be3b881dd5f083131f5872182b963

    • SSDEEP

      3072:6rWpcOPxPke+e3fFpsJOfFpsJbgE2GEJdwJdXgZrWpcOPxPke+e3fFpsJOfFpsJC:tFPxPke+eI2GRgAFPxPke+eI2GRgl

    Score
    9/10
    ransomware

    • Renames multiple (3497) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks