Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

3

66dcad8b8c...a9.exe

windows7-x64

9

66dcad8b8c...a9.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    66dcad8b8cd3af824dc4f7c90be046ae3eaeb1552b7d6296a18f57a9385f49a9

  • Size

    360KB

  • Sample

    240807-2pl16syhpc

  • MD5

    b85883e27752e0114f1a97251eb7f28d

  • SHA1

    f6efa6428f0eb14dc536103ce495018c9042f328

  • SHA256

    66dcad8b8cd3af824dc4f7c90be046ae3eaeb1552b7d6296a18f57a9385f49a9

  • SHA512

    a5d13c7d523f1811e6aff06b1e7581f29c8c5b5ac5152e009e82bace56ed612fa0627911a048bb530a474640e32f7e1a471bdc72e28676ad76149f42925c6720

  • SSDEEP

    6144:RqKB+tOkWKR0iJ0MnW5AqKB+tOkWKR0iJ0MnW5J:v4Hn34Hni

Score
9/10
discoveryransomware

Malware Config

Targets

    • Target

      66dcad8b8cd3af824dc4f7c90be046ae3eaeb1552b7d6296a18f57a9385f49a9

    • Size

      360KB

    • MD5

      b85883e27752e0114f1a97251eb7f28d

    • SHA1

      f6efa6428f0eb14dc536103ce495018c9042f328

    • SHA256

      66dcad8b8cd3af824dc4f7c90be046ae3eaeb1552b7d6296a18f57a9385f49a9

    • SHA512

      a5d13c7d523f1811e6aff06b1e7581f29c8c5b5ac5152e009e82bace56ed612fa0627911a048bb530a474640e32f7e1a471bdc72e28676ad76149f42925c6720

    • SSDEEP

      6144:RqKB+tOkWKR0iJ0MnW5AqKB+tOkWKR0iJ0MnW5J:v4Hn34Hni

    Score
    9/10
    discoveryransomware

    • Renames multiple (3317) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks