General

  • Target

    58a7e19686e93f3d110205a2de44e240.bin

  • Size

    91KB

  • Sample

    240728-ce8dzs1hmp

  • MD5

    58a7e19686e93f3d110205a2de44e240

  • SHA1

    369bb015d3e84f7ea482ef8be3d7c83311bc9e3c

  • SHA256

    5c9f73bb395fe913c45e38bf0b64fa639b48e276b9977c62ff46758d0a11f4b0

  • SHA512

    2d329a931068c12dbb4acbe7564fb039e7265ea61068cd792908ee34cc305dff647e010eb0d6cc35edd6392e29a47b2fc9ddc09aebc4b85faebd3935afcbaffd

  • SSDEEP

    1536:W7ZNLpApCZuvIYXGTvnUp7ZNLpApCZuvIYXGTvnUg:6NLWpCZLYNTNLWpCZLYNg

Score
9/10

Targets

    Score
    9/10
    • Renames multiple (335) files with added filename extension

      This suggests ransomware activity, namely encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
