899f9eb14b629b413d8fa84dcc1653fa2477e8fa4e4f119cd02dab78f9e7a10c | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

899f9eb14b...0c.exe

windows7-x64

9

899f9eb14b...0c.exe

windows10-2004-x64

9

Resubmissions

05/07/2024, 22:36

240705-2jc63szgkb 9

30/06/2024, 23:59

240630-31zxvashpn 9

30/06/2024, 23:55

240630-3ym59sshjn 10

Sharing

General

Target

899f9eb14b629b413d8fa84dcc1653fa2477e8fa4e4f119cd02dab78f9e7a10c
Size

90KB
Sample

240630-3ym59sshjn
MD5

6222154957fbf89f273719c001f82a6c
SHA1

14a13a772f654c8d46de97e56db3e75ffaeb86fd
SHA256

899f9eb14b629b413d8fa84dcc1653fa2477e8fa4e4f119cd02dab78f9e7a10c
SHA512

6bf4e345f1ac322a7fab6beca852765ac369b7bffd6007b272aa5458f4c354804f891a4aa5d22c4fef60dbb5e0e5eb37645bfe98413f4de91b8e925294d13af0
SSDEEP

1536:a7ZyqaFAxTWH1++PJHJXA/OsIZfzc3/Q8VCnXxX81jmQJHdJHr0GUykUyN:enaypQSoPXxXTke

Score

10^/10

ransomware upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

899f9eb14b629b413d8fa84dcc1653fa2477e8fa4e4f119cd02dab78f9e7a10c.exe

Resource

win7-20240611-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

899f9eb14b629b413d8fa84dcc1653fa2477e8fa4e4f119cd02dab78f9e7a10c.exe

Resource

win10v2004-20240611-en

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  899f9eb14b629b413d8fa84dcc1653fa2477e8fa4e4f119cd02dab78f9e7a10c
- Size
  
  90KB
- MD5
  
  6222154957fbf89f273719c001f82a6c
- SHA1
  
  14a13a772f654c8d46de97e56db3e75ffaeb86fd
- SHA256
  
  899f9eb14b629b413d8fa84dcc1653fa2477e8fa4e4f119cd02dab78f9e7a10c
- SHA512
  
  6bf4e345f1ac322a7fab6beca852765ac369b7bffd6007b272aa5458f4c354804f891a4aa5d22c4fef60dbb5e0e5eb37645bfe98413f4de91b8e925294d13af0
- SSDEEP
  
  1536:a7ZyqaFAxTWH1++PJHJXA/OsIZfzc3/Q8VCnXxX81jmQJHdJHr0GUykUyN:enaypQSoPXxXTke
Score

9^/10

ransomware upx
- Renames multiple (534) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- UPX dump on OEP (original entry point)
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy