General

  • Target

    52f6944210318731aad3a61b869e24b0N.exe

  • Size

    68KB

  • Sample

    240724-gbve6szhjn

  • MD5

    52f6944210318731aad3a61b869e24b0

  • SHA1

    e338d04ba47aca49922efd99921e7d0a0a88fadf

  • SHA256

    57a8a5c54c5ca854237b2813057bb7283d984f6ca4508d87ed0a8c7ae90eec2c

  • SHA512

    567dfdbe7355d632f32567759711b80d9bb9053a466b80f3f97a6885d6fce5acf292c7186e38e3447adae6bb5ae8ca3ab5c2aa9cd7e329e4a1926febe669f82a

  • SSDEEP

    1536:V7Zf/FAxTWY1++PJHJXA/OsIZfzc3/Q8+wu:fnyiQSo9

Targets

    • Target

      52f6944210318731aad3a61b869e24b0N.exe

    • Renames multiple (3209) files with added filename extension

      This suggests ransomware activity: encryption of all the files on the system.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
