General

  • Target

    46d1dfa4470666860701e0ca560f4f60N.exe

  • Size

    116KB

  • Sample

    240803-efhk3axbqa

  • MD5

    46d1dfa4470666860701e0ca560f4f60

  • SHA1

    ee0fb335bd49ad963355ab6c1f0f5c0433222861

  • SHA256

    f119fb0cb4795ac52c50158223303dbfe4e757bfd60a104f2960d64e46bb3008

  • SHA512

    4b17444e472a49b591cae8890a1aeb22700d0380ef41af4987fa09f5d58f118a9457787fd60a730ca4ca919528f6a29bcdfb108032b55ecae09d533c051edc82

  • SSDEEP

    1536:W7ZppApBULcfpHLcfpX2/Nw/NwmxM7ZppApBULcfpHLcfpX2/Nw/Nwmx5:6pWpBwchcV2WxMpWpBwchcV2Wx5

Score
9/10

Targets

    • Target

      46d1dfa4470666860701e0ca560f4f60N.exe

    Score
    9/10
    • Renames multiple (4194) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
