General
Target: b3161cd64e28a91e5522c9c583bb3790N.exe
Size: 178KB
Sample: 240721-m4ehba1bnm
MD5: b3161cd64e28a91e5522c9c583bb3790
SHA1: 4cc7abbd96170cb989a441ffe86b1960eb623ff7
SHA256: 27151d65645b99f7561a820afd4e408e78b3e88ad37ef181f3e9566cf7228179
SHA512: 95abb42f76b0176fa0917a8a284f63dd749ecf49187984653e03ec426910c6d378962abb241bae10e209ba9ffb75525aa7e54a759f7079ad9a65f4a16316b2d0
SSDEEP: 1536:W7ZhA7pApH178NKsqzot4c4G444444444VkyKAVj84t7ZhA7pApH178NKsqzot4P:6e7Wpazq0YKAVjBe7Wpazq0YKAVjr
Static task: static1
Behavioral task: behavioral1
Sample: b3161cd64e28a91e5522c9c583bb3790N.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: b3161cd64e28a91e5522c9c583bb3790N.exe
Resource: win10v2004-20240709-en
Malware Config
Targets
Target: b3161cd64e28a91e5522c9c583bb3790N.exe
Score: 9/10
Renames multiple (4217) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory