52bd311d6e5381c07066678acc8150edbc63c6a697cb94e91e944a12766710dd | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

3

52bd311d6e...dd.exe

windows7-x64

9

52bd311d6e...dd.exe

windows10-2004-x64

9

Sharing

General

Target

52bd311d6e5381c07066678acc8150edbc63c6a697cb94e91e944a12766710dd
Size

539KB
Sample

240805-1gkygayhjp
MD5

6a73584a7fe555203e71ac67472964cc
SHA1

dcbf316fe9bdbfa4b94c147785ec0e272ce7ff55
SHA256

52bd311d6e5381c07066678acc8150edbc63c6a697cb94e91e944a12766710dd
SHA512

216b7efa47ae3caa9048ae149932b9b5aaf7fa288cffabb6789518ae457adcd5ac80032d56fc07caf3000dac18cfe67bdeb998665fc1a52f04cafb78fb1b41ef
SSDEEP

6144:RqKvb0CYJ973e+eBSo54oAnjyDdU1sL8Lsw9g09Bp0cV07nNoTWwan7:vvbxYXyS8y+mm8YwBm7fn7

Score

9^/10

discovery ransomware

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

52bd311d6e5381c07066678acc8150edbc63c6a697cb94e91e944a12766710dd.exe

Resource

win7-20240729-en

discovery ransomware

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

52bd311d6e5381c07066678acc8150edbc63c6a697cb94e91e944a12766710dd.exe

Resource

win10v2004-20240802-en

discovery ransomware

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  52bd311d6e5381c07066678acc8150edbc63c6a697cb94e91e944a12766710dd
- Size
  
  539KB
- MD5
  
  6a73584a7fe555203e71ac67472964cc
- SHA1
  
  dcbf316fe9bdbfa4b94c147785ec0e272ce7ff55
- SHA256
  
  52bd311d6e5381c07066678acc8150edbc63c6a697cb94e91e944a12766710dd
- SHA512
  
  216b7efa47ae3caa9048ae149932b9b5aaf7fa288cffabb6789518ae457adcd5ac80032d56fc07caf3000dac18cfe67bdeb998665fc1a52f04cafb78fb1b41ef
- SSDEEP
  
  6144:RqKvb0CYJ973e+eBSo54oAnjyDdU1sL8Lsw9g09Bp0cV07nNoTWwan7:vvbxYXyS8y+mm8YwBm7fn7
Score

9^/10

discovery ransomware
- Renames multiple (3661) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomware

behavioral2

discoveryransomware

© 2018-2025

Terms | Privacy