Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
0729d6946c7315f79dd52a46e9ce2d60N.exe
-
Size
97KB
-
Sample
240726-pahnzszgja
-
MD5
0729d6946c7315f79dd52a46e9ce2d60
-
SHA1
849f02c6984270162f2eb7f2864d539781793706
-
SHA256
776adaa4e8655a318272134287eaff89aafcceb1ab7fd970292f61d7bfdbc6dd
-
SHA512
b585c4f27233a7913bd6dfe764b228111f5fefa287a3a312df067512dc1e54e6f9af37b3d1e2ca7bf44532757b41fdf1f055c4f55106f2fe44b8c91dc7c1fb76
-
SSDEEP
1536:W7ZppApkFSAlyaly07ZppApkFSAlyalyU:6pWpkFSA1tpWpkFSA1V
Malware Config
Targets
-
-
Target
0729d6946c7315f79dd52a46e9ce2d60N.exe
-
Size
97KB
-
MD5
0729d6946c7315f79dd52a46e9ce2d60
-
SHA1
849f02c6984270162f2eb7f2864d539781793706
-
SHA256
776adaa4e8655a318272134287eaff89aafcceb1ab7fd970292f61d7bfdbc6dd
-
SHA512
b585c4f27233a7913bd6dfe764b228111f5fefa287a3a312df067512dc1e54e6f9af37b3d1e2ca7bf44532757b41fdf1f055c4f55106f2fe44b8c91dc7c1fb76
-
SSDEEP
1536:W7ZppApkFSAlyaly07ZppApkFSAlyalyU:6pWpkFSA1tpWpkFSA1V
Score9/10-
Renames multiple (3401) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-