General

  • Target

    bb7eb73178123be6c97b7bede0ffe4e0_NEAS

  • Size

    264KB

  • Sample

    240507-r2zspaeb76

  • MD5

    bb7eb73178123be6c97b7bede0ffe4e0

  • SHA1

    310ef5294a87255d5a432944e4c6daf711b81d6a

  • SHA256

    c8f9f171140bc35261f637556cba84697d3b53834638aa65c26d4c040efc3adf

  • SHA512

    f6726e1ce6ac248a56d67bad1ac14c0bc5ee486597e9d5b7430f5f7c6e28b2f2fdfbde92ee8e8f405e7897f68cf4dbe643dfb0b80c61c22feb70db867d86c718

  • SSDEEP

    6144:JmCAIuZAIuDMVtM/0hRmCAIuZAIuDMVtM/0hK:7AIuZAIuO9AIuZAIuOk

Score
9/10

Targets

    • Target

      bb7eb73178123be6c97b7bede0ffe4e0_NEAS

    Score
    9/10
    • Renames multiple (3495) files with added filename extension

      This suggests ransomware activity, in which all the files on the system are encrypted.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX.

    • Drops file in System32 directory
