General
Target: konets.exe
Size: 17KB
Sample: 240810-pw7j8stfmc
MD5: 6a178845e4b33de30efcdcf7b4e128be
SHA1: 2f144879ef702ce6fe75515240c9add67b5945ea
SHA256: 41b93a574bb612aa155054a537fe86be308ece7c10764a1f57ce01f894848f7c
SHA512: c1e6db9afb21263b47466636d23775a6aaa88a43903fdfa26952b831bc369cef59ae9200ee0466c7869e748192756d19ed6c717403a05622cc3a0ef0104574a8
SSDEEP: 192:v6e44RTHEdAppUxevrtachyQpYtXz3usVccmDesQ5tf3XNGlraivR5uQpI:v6eFZLpuABbyQCRq6sW2amNp
Static task: static1
Behavioral task: behavioral1
  Sample: konets.exe
  Resource: win7-20240705-en
Behavioral task: behavioral2
  Sample: konets.exe
  Resource: win10v2004-20240802-en
Malware Config
Extracted
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\README.txt
Targets
Target: konets.exe
Score: 10/10
Renames multiple (4956) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
Drops file in Drivers directory
Drops startup file
Drops file in System32 directory