Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

7

642e149c84...0N.exe

windows7-x64

9

642e149c84...0N.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    642e149c84e607f971eea3ff5f880780N.exe

  • Size

    122KB

  • Sample

    240726-2n8hsazbkr

  • MD5

    642e149c84e607f971eea3ff5f880780

  • SHA1

    ff9cf983806326d965dcd030c89bacce32efdd38

  • SHA256

    00a2f3ec0cfdfa287b0c961bde8aa637b6496b50d04f6c32851543630faac554

  • SHA512

    b9cfdbda637c79d6bd304d08defa732b655594b8ffa98551a853157e588a25afacad5604831f8e00120cd6c241c0c736fc3f9efb8f3d0b38e2a709c9420e2567

  • SSDEEP

    1536:CTWn1++PJHJXA/OsIZfzc3/Q8asUsxe+eX7n97nwvxHTWn1++PJHJXA/OsIZfzco:KQSohsUsxe+erZiQSohsUsxe+erZz

Score
9/10
discoveryransomwareupx

Malware Config

Targets

    • Target

      642e149c84e607f971eea3ff5f880780N.exe

    • Size

      122KB

    • MD5

      642e149c84e607f971eea3ff5f880780

    • SHA1

      ff9cf983806326d965dcd030c89bacce32efdd38

    • SHA256

      00a2f3ec0cfdfa287b0c961bde8aa637b6496b50d04f6c32851543630faac554

    • SHA512

      b9cfdbda637c79d6bd304d08defa732b655594b8ffa98551a853157e588a25afacad5604831f8e00120cd6c241c0c736fc3f9efb8f3d0b38e2a709c9420e2567

    • SSDEEP

      1536:CTWn1++PJHJXA/OsIZfzc3/Q8asUsxe+eX7n97nwvxHTWn1++PJHJXA/OsIZfzco:KQSohsUsxe+erZiQSohsUsxe+erZz

    Score
    9/10
    discoveryransomwareupx

    • Renames multiple (3574) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks