General

  • Target

    29e12d81aa82f53fc46dd36780b51740N.exe

  • Size

    112KB

  • Sample

    240725-29l7nsvajd

  • MD5

    29e12d81aa82f53fc46dd36780b51740

  • SHA1

    d323165dc46c64b3128e03d2c6c5ec6db5efa2a9

  • SHA256

    6317d00db759bcef4ac48fc45d55878b792d3466f7c8fcb1de86955c3383e9cc

  • SHA512

    6707babb091f04a405a42b4d8cb030abf91f43b69d1814e92c39e25e72383bab67bffed8168ebeeb5f95fa087156eeb2c4f1363571fe428e0939c538c6349a74

  • SSDEEP

    1536:W7ZppApBULcfpHLcfpX2/Nw/NwmxF7ZppApBULcfpHLcfpX2/Nw/NwmxV:6pWpBwchcV2WxPpWpBwchcV2WxV

Score
9/10

Targets

    • Target

      29e12d81aa82f53fc46dd36780b51740N.exe

    • Renames multiple (3515) files with added filename extension

      This suggests ransomware activity, namely encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory