Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

3

d5bbce91bc...0N.exe

windows7-x64

9

d5bbce91bc...0N.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d5bbce91bc74ade038a02b4937f2c110N.exe

  • Size

    583KB

  • Sample

    240721-rrt5fsvhnk

  • MD5

    d5bbce91bc74ade038a02b4937f2c110

  • SHA1

    6b201f9bf2456a53f498e2c04bc902121d2c0c2c

  • SHA256

    aea08a1bf6d56db1247696533cda8f2cfcc2016183d0deb02b197cb4cb26f389

  • SHA512

    476c89ac4069fb01c899882a4a26acfffdf581e6854a5be25e4f4ec4357783618195c8e5ebd4fcd2963ab81d5dfbbe54f06ea18e3c5335fcb1e8626e9a41017d

  • SSDEEP

    1536:W7ZhA7pApaX0aX09rDVMFDwU5LenTpnDr5LenTpnDRSfuYa3bztYtzZrZotYtz1S:6e7WpGlCK1I1Me7WpGlCK1I1Z

Score
9/10
ransomware

Malware Config

Targets

    • Target

      d5bbce91bc74ade038a02b4937f2c110N.exe

    • Size

      583KB

    • MD5

      d5bbce91bc74ade038a02b4937f2c110

    • SHA1

      6b201f9bf2456a53f498e2c04bc902121d2c0c2c

    • SHA256

      aea08a1bf6d56db1247696533cda8f2cfcc2016183d0deb02b197cb4cb26f389

    • SHA512

      476c89ac4069fb01c899882a4a26acfffdf581e6854a5be25e4f4ec4357783618195c8e5ebd4fcd2963ab81d5dfbbe54f06ea18e3c5335fcb1e8626e9a41017d

    • SSDEEP

      1536:W7ZhA7pApaX0aX09rDVMFDwU5LenTpnDr5LenTpnDRSfuYa3bztYtzZrZotYtz1S:6e7WpGlCK1I1Me7WpGlCK1I1Z

    Score
    9/10
    ransomware

    • Renames multiple (1932) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks