General

  • Target

    0d0ad11fb502657e2f897224a9dc7aa0N.exe

  • Size

    57KB

  • Sample

    240723-z7bbaasdja

  • MD5

    0d0ad11fb502657e2f897224a9dc7aa0

  • SHA1

    a01a86c96a1a4c4deeafb6385a893207fcf4483f

  • SHA256

    5312e5596fcc1c1c168f4496f0c98879f812c52816fadb93672050fa60e10597

  • SHA512

    27f9cc7ece05ad129f3461eb0cc0d2e2e5ebf777d2382477697b6b131faee5410f69034850bd10c24ffc5b43df309a3877476a35819c8be5386fdcdea49d0920

  • SSDEEP

    1536:CTWn1++PJHJXA/OsIZfzc3/Q8zx0Cq/8S/8s:KQSop8i8s

Targets

    • Target

      0d0ad11fb502657e2f897224a9dc7aa0N.exe

    • Renames multiple (2931) files with added filename extension

      This suggests ransomware activity, i.e. encrypting all the files on the system.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
