Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

3

e2a7ea2f2a...43.exe

windows7-x64

9

e2a7ea2f2a...43.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e2a7ea2f2a02182c1d5bb45fa1bbfb7c47fc26ccb7a526b68217ab0f9c653143

  • Size

    175KB

  • Sample

    240723-egk3kswdna

  • MD5

    22e791ff989a7a093e5f758d324c4a19

  • SHA1

    ec38ec32cb1c66362321cf291d0e185cc6ced608

  • SHA256

    e2a7ea2f2a02182c1d5bb45fa1bbfb7c47fc26ccb7a526b68217ab0f9c653143

  • SHA512

    85170d5cb7ac147d22cf5ec44745cff93636464379417b3276214e51709969d8be1bd62937b740cc9a8fb4fa4c0731daf3db63bbaa23c31ce92de149d0d46204

  • SSDEEP

    3072:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFslEhLfyBn:PqFF2Ie+efoqFF2Ie+ef5

Score
9/10
ransomware

Malware Config

Targets

    • Target

      e2a7ea2f2a02182c1d5bb45fa1bbfb7c47fc26ccb7a526b68217ab0f9c653143

    • Size

      175KB

    • MD5

      22e791ff989a7a093e5f758d324c4a19

    • SHA1

      ec38ec32cb1c66362321cf291d0e185cc6ced608

    • SHA256

      e2a7ea2f2a02182c1d5bb45fa1bbfb7c47fc26ccb7a526b68217ab0f9c653143

    • SHA512

      85170d5cb7ac147d22cf5ec44745cff93636464379417b3276214e51709969d8be1bd62937b740cc9a8fb4fa4c0731daf3db63bbaa23c31ce92de149d0d46204

    • SSDEEP

      3072:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFslEhLfyBn:PqFF2Ie+efoqFF2Ie+ef5

    Score
    9/10
    ransomware

    • Renames multiple (3670) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks