General

  • Target

    85cd656c689b682f15206dbed07bbc90_NEAS

  • Size

    216KB

  • Sample

    240507-hhgnbsgd37

  • MD5

    85cd656c689b682f15206dbed07bbc90

  • SHA1

    f338adfd229793c840522e350fd012a70ba47a33

  • SHA256

    c1db55e66511922be85bd61fc8f86e44b11fd9186f30797834796c664fa8c705

  • SHA512

    890692031b9e512c69ba5df1f0f6256e61a85ad664696ecffbf873f8b1d8975e29a126070f849b24b69cae193a377a2a1a6279778fd67adbbb9179c8916116fc

  • SSDEEP

    3072:6rWpcOPxPke+e3fFpsJOfFpsJbgE2GEJdwJdXgUrWpcOPxPke+e3fFpsJOfFpsJV:tFPxPke+eI2GRgzFPxPke+eI2GRgW

Score
9/10

Targets

    • Target

      85cd656c689b682f15206dbed07bbc90_NEAS

    Score
    9/10
    • Renames multiple (526) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
