General

  • Target

    16724739d14958619ff40aeffe05c190_NEAS

  • Size

    201KB

  • Sample

    240507-kvxlescb59

  • MD5

    16724739d14958619ff40aeffe05c190

  • SHA1

    8df8c3db8a03040a5cfc89991f52d5e45c7b99c3

  • SHA256

    c5d80fe3bdc9959f66fea317e7307f8e37dfc8b6aafa04ccb49a65566122f4fc

  • SHA512

    c65e653455fe259d64c11f9efe40fb008b96a07e09361dfc37d2a5d2aa447d84a6595672210ce27630e2747c23b68cc3e63a10a840ad482e35280da6d39e11f1

  • SSDEEP

    3072:6rWpcOPxPke+e3fFpsJOfFpsJbgErrWpcOPxPke+e3fFpsJOfFpsJbgEb:tFPxPke+eIuFPxPke+eIb

Score
9/10

Targets

    • Target

      16724739d14958619ff40aeffe05c190_NEAS

    Score
    9/10
    • Renames multiple (3619) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
