c5a08e71ca4014085921d95e22a33fedb36bb4d3c68f72000bd4c4814e708af3 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

3

515b81f00f...0N.exe

windows7-x64

9

515b81f00f...0N.exe

windows10-2004-x64

9

Sharing

General

Target

515b81f00ffb64aaf410d1b54f31ac10N.exe
Size

95KB
Sample

240721-c5m6qstamd
MD5

515b81f00ffb64aaf410d1b54f31ac10
SHA1

3c5fc6904d959a72de3eb00b3ea7387f933c125d
SHA256

c5a08e71ca4014085921d95e22a33fedb36bb4d3c68f72000bd4c4814e708af3
SHA512

44892774d8145af2314a63096d740b466d7c45e9feff747374dd82b70a6ac5285a0e388b73d4516926532da23d6956d3ca8a831f80548cf063ae354af5a9cee0
SSDEEP

768:W7BlphA7pARFbhvOsTKnKqtkYP7BlphA7pARFbhvOsTKnKqtkYt7Y4:W7ZhA7pApvOsOKO7ZhA7pApvOsOKc7/

Score

9^/10

ransomware

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

515b81f00ffb64aaf410d1b54f31ac10N.exe

Resource

win7-20240705-en

windows7-x64

6 signatures

120 seconds

Behavioral task

behavioral2

Sample

515b81f00ffb64aaf410d1b54f31ac10N.exe

Resource

win10v2004-20240709-en

windows10-2004-x64

5 signatures

120 seconds

Malware Config

Targets

- Target
  
  515b81f00ffb64aaf410d1b54f31ac10N.exe
- Size
  
  95KB
- MD5
  
  515b81f00ffb64aaf410d1b54f31ac10
- SHA1
  
  3c5fc6904d959a72de3eb00b3ea7387f933c125d
- SHA256
  
  c5a08e71ca4014085921d95e22a33fedb36bb4d3c68f72000bd4c4814e708af3
- SHA512
  
  44892774d8145af2314a63096d740b466d7c45e9feff747374dd82b70a6ac5285a0e388b73d4516926532da23d6956d3ca8a831f80548cf063ae354af5a9cee0
- SSDEEP
  
  768:W7BlphA7pARFbhvOsTKnKqtkYP7BlphA7pARFbhvOsTKnKqtkYt7Y4:W7ZhA7pApvOsOKO7ZhA7pApvOsOKc7/
Score

9^/10

ransomware
- Renames multiple (4220) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy