Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
46d1dfa4470666860701e0ca560f4f60N.exe
-
Size
116KB
-
Sample
240803-efhk3axbqa
-
MD5
46d1dfa4470666860701e0ca560f4f60
-
SHA1
ee0fb335bd49ad963355ab6c1f0f5c0433222861
-
SHA256
f119fb0cb4795ac52c50158223303dbfe4e757bfd60a104f2960d64e46bb3008
-
SHA512
4b17444e472a49b591cae8890a1aeb22700d0380ef41af4987fa09f5d58f118a9457787fd60a730ca4ca919528f6a29bcdfb108032b55ecae09d533c051edc82
-
SSDEEP
1536:W7ZppApBULcfpHLcfpX2/Nw/NwmxM7ZppApBULcfpHLcfpX2/Nw/Nwmx5:6pWpBwchcV2WxMpWpBwchcV2Wx5
Malware Config
Targets
-
-
Target
46d1dfa4470666860701e0ca560f4f60N.exe
-
Size
116KB
-
MD5
46d1dfa4470666860701e0ca560f4f60
-
SHA1
ee0fb335bd49ad963355ab6c1f0f5c0433222861
-
SHA256
f119fb0cb4795ac52c50158223303dbfe4e757bfd60a104f2960d64e46bb3008
-
SHA512
4b17444e472a49b591cae8890a1aeb22700d0380ef41af4987fa09f5d58f118a9457787fd60a730ca4ca919528f6a29bcdfb108032b55ecae09d533c051edc82
-
SSDEEP
1536:W7ZppApBULcfpHLcfpX2/Nw/NwmxM7ZppApBULcfpHLcfpX2/Nw/Nwmx5:6pWpBwchcV2WxMpWpBwchcV2Wx5
Score9/10-
Renames multiple (4194) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-