Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    4d6ad8e3cd705080d17f75f4ad0c0d9fde9a0b71e1f8d61297b30f1392ffb7de

  • Size

    75KB

  • Sample

    240801-25shws1gnl

  • MD5

    3938a45e39e301b599f72a2fc7846978

  • SHA1

    5976ad01f12d125d89cb10acc34670b353cd6af2

  • SHA256

    4d6ad8e3cd705080d17f75f4ad0c0d9fde9a0b71e1f8d61297b30f1392ffb7de

  • SHA512

    72f517038684964e5d770d0f3e734761541aae15935b457d8a175a0012bd0d0d933059a7ced95c48c915af946b3fe6fc548e63124e5db64f986aa22142769571

  • SSDEEP

    384:yBs7Br5xjL8AgA71Fbhvx/IBs7Br5xjL8AgA71Fbhvx/R5x:/7BlpQpARFbhJ/97BlpQpARFbhJ/R5x

Score
9/10

Malware Config

Targets

    • Target

      4d6ad8e3cd705080d17f75f4ad0c0d9fde9a0b71e1f8d61297b30f1392ffb7de

    • Size

      75KB

    • MD5

      3938a45e39e301b599f72a2fc7846978

    • SHA1

      5976ad01f12d125d89cb10acc34670b353cd6af2

    • SHA256

      4d6ad8e3cd705080d17f75f4ad0c0d9fde9a0b71e1f8d61297b30f1392ffb7de

    • SHA512

      72f517038684964e5d770d0f3e734761541aae15935b457d8a175a0012bd0d0d933059a7ced95c48c915af946b3fe6fc548e63124e5db64f986aa22142769571

    • SSDEEP

      384:yBs7Br5xjL8AgA71Fbhvx/IBs7Br5xjL8AgA71Fbhvx/R5x:/7BlpQpARFbhJ/97BlpQpARFbhJ/R5x

    Score
    9/10
    • Renames multiple (3384) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks