Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
be728f86ec93958f300b9d36740ba6c12b0ab5d5f9554ff86ed9c87f686aa937
-
Size
1.3MB
-
Sample
240710-eshrlawcmj
-
MD5
9fe1882c032b5e51c335c50b4b37902f
-
SHA1
5fc01266eb91b6b095c4e9e61211329916ad7ab0
-
SHA256
be728f86ec93958f300b9d36740ba6c12b0ab5d5f9554ff86ed9c87f686aa937
-
SHA512
a779390053a8db71503c15a95cb320f64b432971796f9d63db110997573362f0478039f3768be1c554bc9538f498d19558057bddc3d301f3bba6ec77f6b40fca
-
SSDEEP
24576:3Z+05tErv2XwKvHoBHErvOmnD4TxJeUrtONbcDvX+ZRDSq9yG0+GYCwdD5sguoax:3Z+05RvyiUTxwuoNbxzyG0QCKD5daDEy
Static task
static1
Behavioral task
behavioral1
Sample
be728f86ec93958f300b9d36740ba6c12b0ab5d5f9554ff86ed9c87f686aa937.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
be728f86ec93958f300b9d36740ba6c12b0ab5d5f9554ff86ed9c87f686aa937.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
-
Target
be728f86ec93958f300b9d36740ba6c12b0ab5d5f9554ff86ed9c87f686aa937
-
Size
1.3MB
-
MD5
9fe1882c032b5e51c335c50b4b37902f
-
SHA1
5fc01266eb91b6b095c4e9e61211329916ad7ab0
-
SHA256
be728f86ec93958f300b9d36740ba6c12b0ab5d5f9554ff86ed9c87f686aa937
-
SHA512
a779390053a8db71503c15a95cb320f64b432971796f9d63db110997573362f0478039f3768be1c554bc9538f498d19558057bddc3d301f3bba6ec77f6b40fca
-
SSDEEP
24576:3Z+05tErv2XwKvHoBHErvOmnD4TxJeUrtONbcDvX+ZRDSq9yG0+GYCwdD5sguoax:3Z+05RvyiUTxwuoNbxzyG0QCKD5daDEy
Score9/10-
Renames multiple (216) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Drops file in Drivers directory
-
Executes dropped EXE
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-