General

  • Target

    b5fdaab19335bbe9e055845771636da0_NEAS

  • Size

    381KB

  • Sample

    240507-rp3c2sdf45

  • MD5

    b5fdaab19335bbe9e055845771636da0

  • SHA1

    326ae516b013854c4a9cc3f7d5c2d19a00ffe4da

  • SHA256

    6ec2336d7f4c729b270f336829417dc41efc3ef4155e87e34b0d1c07a77b39e2

  • SHA512

    126e6ecffea555bfb05ceea202fd75e3700a4fcd7dd5ea6a36ae7546e72b7c4fefd163fc1e07525b2c7a7ac89ee3d1801d5eed700df36d5caae69ccd3b24a627

  • SSDEEP

    6144:JmCAIuZAIuDMVtM/KlOW3WM2mmCAIuZAIuDMVtM/KlOW3WM2Q:7AIuZAIuOhlOW3WM2MAIuZAIuOhlOW3P

Score
9/10

Targets

    Score
    9/10
    • Renames multiple (3129) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
