Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
08bd364f006ecda3b0760d7cbf107a23073529c5e863d6b1521a0612163d0a61.exe
-
Size
136KB
-
Sample
240803-bd7wdsxfkn
-
MD5
a5c0af52fdb53b6e451736bc3287503d
-
SHA1
63bc7dce786d3c83783749c700bfda7871f91f1c
-
SHA256
08bd364f006ecda3b0760d7cbf107a23073529c5e863d6b1521a0612163d0a61
-
SHA512
390fe917b400a472c880c1cefa4ce6f9ed7cda77395365336d6ff4d76827e13eaa1a4ca8a653f73d442cde8c2b51fa17f9c5e566f3f0468abc66604ea21fc723
-
SSDEEP
3072:x91uZu1iQl0Mep53PKuc7FsTYJ0Fwcl8mcjbuD:x3iMepVPv6mEZfjbU
Static task
static1
Behavioral task
behavioral1
Sample
08bd364f006ecda3b0760d7cbf107a23073529c5e863d6b1521a0612163d0a61.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
08bd364f006ecda3b0760d7cbf107a23073529c5e863d6b1521a0612163d0a61.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
08bd364f006ecda3b0760d7cbf107a23073529c5e863d6b1521a0612163d0a61.exe
-
Size
136KB
-
MD5
a5c0af52fdb53b6e451736bc3287503d
-
SHA1
63bc7dce786d3c83783749c700bfda7871f91f1c
-
SHA256
08bd364f006ecda3b0760d7cbf107a23073529c5e863d6b1521a0612163d0a61
-
SHA512
390fe917b400a472c880c1cefa4ce6f9ed7cda77395365336d6ff4d76827e13eaa1a4ca8a653f73d442cde8c2b51fa17f9c5e566f3f0468abc66604ea21fc723
-
SSDEEP
3072:x91uZu1iQl0Mep53PKuc7FsTYJ0Fwcl8mcjbuD:x3iMepVPv6mEZfjbU
Score9/10-
Renames multiple (5240) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Drops file in Drivers directory
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-