Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    e5429afb78994860fa86813ca3fc1240N.exe

  • Size

    112KB

  • Sample

    240725-vvp7fsxamg

  • MD5

    e5429afb78994860fa86813ca3fc1240

  • SHA1

    4c64babaa0c2911663c9258f4786e7db76d4b1fc

  • SHA256

    c3b2ab9852b05778e23259add2dfd6de196194ee2431636efe550c10d5ad84fc

  • SHA512

    9044e83be1180669e6f6bc95ff8004f74fb5ef090cf97891162eeaa66b25638d618518b45e3e8d1147e2b1ac56ed47bc22a19348deb7070154182c53625f3356

  • SSDEEP

    1536:W7ZNLpApCZuvIYXJSpXeXUH7ZNLpApCZuvIYXJSpXeXUG:6NLWpCZLYZSpukFNLWpCZLYZSpukG

Score
9/10

Malware Config

Targets

    • Target

      e5429afb78994860fa86813ca3fc1240N.exe

    • Size

      112KB

    • MD5

      e5429afb78994860fa86813ca3fc1240

    • SHA1

      4c64babaa0c2911663c9258f4786e7db76d4b1fc

    • SHA256

      c3b2ab9852b05778e23259add2dfd6de196194ee2431636efe550c10d5ad84fc

    • SHA512

      9044e83be1180669e6f6bc95ff8004f74fb5ef090cf97891162eeaa66b25638d618518b45e3e8d1147e2b1ac56ed47bc22a19348deb7070154182c53625f3356

    • SSDEEP

      1536:W7ZNLpApCZuvIYXJSpXeXUH7ZNLpApCZuvIYXJSpXeXUG:6NLWpCZLYZSpukFNLWpCZLYZSpukG

    Score
    9/10
    • Renames multiple (3833) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks