General
Target
b79369dbb77422f83eaa9416f8729cb0N.exe
Size
80KB
Sample
240723-prv1mszdlm
MD5
b79369dbb77422f83eaa9416f8729cb0
SHA1
89497858e2ca8781eef718429ce454c71cb17760
SHA256
0236095f943167d95b1ad874b02fa3dc58229c705833ee3a57afb7c4520628fc
SHA512
6e0eda96348f09d45ab248ec551cd567aca8c1f293e47c290bc89c713d1e1bb0d436008a103598a72cf6744a5721f6fc2bcdfa91e6ec1196b27699ea27c0a352
SSDEEP
768:W7BlpppARFbhknrzzA8JQ2AdJCzA8JQ2AdJWX0kXX0k97BlpppARFbhknrzzA8J+:W7ZppApkGpY7ZppApkGphPG0PGg
Static task
static1
Behavioral task
behavioral1
Sample
b79369dbb77422f83eaa9416f8729cb0N.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
b79369dbb77422f83eaa9416f8729cb0N.exe
Resource
win10v2004-20240709-en
Malware Config
Targets
Target
b79369dbb77422f83eaa9416f8729cb0N.exe
Score
9/10
Renames multiple (3883) files with added filename extension
This suggests ransomware activity that encrypts all the files on the system.
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory