General

  • Target

    1da201c70a9f0e416cb0bcb07e1f4f7ea2c339df8d22b2a22f40fdfb74c7edad

  • Size

    128KB

  • Sample

    240727-yhb1vaybqf

  • MD5

    ff15c1ae6eca8c9853dd699cf7a192fb

  • SHA1

    15c3acde3a00d946941100c5b5ce6bf5521abbde

  • SHA256

    1da201c70a9f0e416cb0bcb07e1f4f7ea2c339df8d22b2a22f40fdfb74c7edad

  • SHA512

    6a98db0c378593de2129ee5c52bda6a00b5ef315efba18b6c2bf8a42e0c6c4f4daf3b8911e21b18fcfd95d7dc83e542e5cc548ea0d830b5bd25f9323d09ccdcb

  • SSDEEP

    1536:V7Zf/FAxTWxOmO/fxRfxykK3ZUkK3ZKYF6ATW8OmO/fxRfxykK3ZUkK3ZKYF6n:fny+Tuf7fs63Tuf7fs6K

Targets

    • Renames multiple (1170) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
