General

  • Target

    33402e79296f208694a4e07609330620N.exe

  • Size

    87KB

  • Sample

    240802-bw3dmaxenl

  • MD5

    33402e79296f208694a4e07609330620

  • SHA1

    a1fea405f723a9e95e0b4ab6ad2635b1ce27afa8

  • SHA256

    ac91bd7e37580edf5f5145cc67db5982dc2b4dbf5319cbec4da30537b13f5397

  • SHA512

    df8b3560a6b31235ff0b1639f5c61f401b6677a97d6e9b8939eabb41b95241003b958198a73eeecea69f345e5cd6734b62891006f81182962c88ad6f00872ab5

  • SSDEEP

    768:/7BlpQpARFbhNI/VoVy0149ADJ59ADJR7BlpQpARFbhNI/VoVy0149ADJ59ADJJ9:/7ZQpApMye7ZQpApMyqn9

Score
9/10

Targets

    • Target

      33402e79296f208694a4e07609330620N.exe

    Score
    9/10
    • Renames multiple (4733) files with added filename extension

      This suggests ransomware activity, namely encryption of all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
