General

  • Target

    74a01608fa3fef7d08e5ed1492879720N.exe

  • Size

    82KB

  • Sample

    240805-k8yewasbmp

  • MD5

    74a01608fa3fef7d08e5ed1492879720

  • SHA1

    efc264c39cf67364b11141838f1c422f40085767

  • SHA256

    d1af5f54613a79f8d0ad9c06a3c28119e636c2509b0675cd9258a9904049ac23

  • SHA512

    702342b87149b8dd9e22942b9f713d22f39ca776638a10ffdab17841c31b29e7b5840b93b8bfa67925bb302fcc3af48b303ec08d35bdb8530a6f4213e70a2d92

  • SSDEEP

    768:W7BlpppARFbhHFoqAJwBqAJw1VyjVyC7BlpppARFbhHFoqAJwBqAJw1VyjVyr:W7ZppApyVyjVyC7ZppApyVyjVyr

Score
9/10

Targets

    • Target

      74a01608fa3fef7d08e5ed1492879720N.exe

    • Renames multiple (4344) files with added filename extension

      This suggests ransomware activity, i.e. encryption of all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
