General
-
Target
080c31a035259decabd956eeaf86aff0N.exe
-
Size
137KB
-
Sample
240714-sx9yjaydnd
-
MD5
080c31a035259decabd956eeaf86aff0
-
SHA1
d04bb8a1e21678bc234ffcdc3d5ae0f21dfc558d
-
SHA256
112baea13ce852c1cb4601725d2d812eb956c63e2718b1b11be7d994cf91cc9b
-
SHA512
09922398fe5c10a6d4cb24176b3f0b615f478ecaed143f27f5dc9440f3510e66944344172d9f23ed1d5a396e32e80e2c411d632daca7a317350d69efd8c293b9
-
SSDEEP
3072:9QWpze+eJfFpsJOfFpsJ0rDrRQWpze+eJfFpsJOfFpsJ0rDrz:Lpe+eppe+eR
Static task
static1
Behavioral task
behavioral1
Sample
080c31a035259decabd956eeaf86aff0N.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
080c31a035259decabd956eeaf86aff0N.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
-
-
Target
080c31a035259decabd956eeaf86aff0N.exe
Score
9/10
-
Renames multiple (4512) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-