General

  • Target

    81c69c5bd22de12dbbe4b6032e0169fe98b0f1cf318c00be725e4502e28d79d6

  • Size

    77KB

  • Sample

    240805-3ha6rswbna

  • MD5

    5fae3b3cabc1dfd62dd445ad770857a6

  • SHA1

    a4374195b5b9efdee6e8ce9653faf8c3ae0d15bc

  • SHA256

    81c69c5bd22de12dbbe4b6032e0169fe98b0f1cf318c00be725e4502e28d79d6

  • SHA512

    33072540e8b788968488a8930277a4469b77f1bd3852beb94b6a7aa1602f043ab9381b04b20fbb65c4f6d98cdb8a5eb201a4214f4286351f5a9762656d874d1b

  • SSDEEP

    768:kBT37CPKK1EXBwzEXBw3sgQw58eGkz2rcuesgQw58eGkz2rcu90TKe+0TKeIiKxV:CTWJGpGfKEqhKEqDTWJGpGfKEqhKEqF

Targets

    • Renames multiple (4918) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
