General
-
Target
62ea16a1e6f95f7bf5948e828f1159a7c42d797bb808fc68bf413d238a8c1ad8
-
Size
148KB
-
Sample
240609-a4276abf73
-
MD5
efedc27ade16708015d7ad8991fa73aa
-
SHA1
42ad5cfe8826aa855866b80a680c1e94e6d0e232
-
SHA256
62ea16a1e6f95f7bf5948e828f1159a7c42d797bb808fc68bf413d238a8c1ad8
-
SHA512
837a30cfcd7214208d89fd8572e6172fb1106bfcdc9438d9eadc608a91d3580e4d307355a5f24cc7dcd9be4aecb8fd6d26f73571ad5d27d68453f6ea05aafbf5
-
SSDEEP
3072:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFslEhLfyBX:PqFF2Ie+eFNqFF2Ie+eF+
Static task
static1
Behavioral task
behavioral1
Sample
62ea16a1e6f95f7bf5948e828f1159a7c42d797bb808fc68bf413d238a8c1ad8.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
62ea16a1e6f95f7bf5948e828f1159a7c42d797bb808fc68bf413d238a8c1ad8.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
62ea16a1e6f95f7bf5948e828f1159a7c42d797bb808fc68bf413d238a8c1ad8
Score
9/10
-
Renames multiple (4288) files with added filename extension
This suggests ransomware activity, namely encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-