General

  • Target

    0729d6946c7315f79dd52a46e9ce2d60N.exe

  • Size

    97KB

  • Sample

    240726-pahnzszgja

  • MD5

    0729d6946c7315f79dd52a46e9ce2d60

  • SHA1

    849f02c6984270162f2eb7f2864d539781793706

  • SHA256

    776adaa4e8655a318272134287eaff89aafcceb1ab7fd970292f61d7bfdbc6dd

  • SHA512

    b585c4f27233a7913bd6dfe764b228111f5fefa287a3a312df067512dc1e54e6f9af37b3d1e2ca7bf44532757b41fdf1f055c4f55106f2fe44b8c91dc7c1fb76

  • SSDEEP

    1536:W7ZppApkFSAlyaly07ZppApkFSAlyalyU:6pWpkFSA1tpWpkFSA1V

Score
9/10

Targets

    • Target

      0729d6946c7315f79dd52a46e9ce2d60N.exe

    • Renames multiple (3401) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
