General

  • Target

    2ee66cb455f29729daae33b559210cf0N.exe

  • Size

    103KB

  • Sample

    240806-arw6daxcqe

  • MD5

    2ee66cb455f29729daae33b559210cf0

  • SHA1

    4e8276839d657bd9fcd7324b970adaed4651749f

  • SHA256

    8d96555efb906e4107d6a29157ab20201b5c84e40816f74a5042e76e2add89be

  • SHA512

    c1dc896e3bb749be8f1e20a82e7f237bce15e732de51a5b2fb1a611df44848f8806911f7f8c05f70c23fff94171215b2af7d184df9d2cf3f2ee4f126eef387c6

  • SSDEEP

    3072:fnyiQSoJUBM+PocOQejPdMRAHAASnnD5D5172HyZU3YF40S5DnumSFDnDHaJP1Bg:KiQSo/8

Targets

    • Target

      2ee66cb455f29729daae33b559210cf0N.exe

    • Renames multiple (3082) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
