Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

3

67b4488811...5b.exe

windows7-x64

9

67b4488811...5b.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    67b44888119a16a3a66558016192ae24f3910aff8a413616873b936be50c425b

  • Size

    139KB

  • Sample

    240811-1zx1ra1apr

  • MD5

    2add450c8bd89ee0b7ad4206802c705c

  • SHA1

    aaac3f2822ceb0d5b946c4728846c01362f76611

  • SHA256

    67b44888119a16a3a66558016192ae24f3910aff8a413616873b936be50c425b

  • SHA512

    106e9cfac9d1d8a2c637de65666679741285af8c245bcd5869fbe5ab14d498be370fe82406b445d59f43b888360529c4a29263221cf36a913e0e7cc3d30839a7

  • SSDEEP

    1536:W7Z+pApfGQ3y3RWvfmRfm9sKsSd5I7Z+pApfGQ3y3RWvfmRfm9sKsSd5f:6+WpDfmRfmhY+WpDfmRfmhv

Score
9/10
discoveryransomware

Malware Config

Targets

    • Target

      67b44888119a16a3a66558016192ae24f3910aff8a413616873b936be50c425b

    • Size

      139KB

    • MD5

      2add450c8bd89ee0b7ad4206802c705c

    • SHA1

      aaac3f2822ceb0d5b946c4728846c01362f76611

    • SHA256

      67b44888119a16a3a66558016192ae24f3910aff8a413616873b936be50c425b

    • SHA512

      106e9cfac9d1d8a2c637de65666679741285af8c245bcd5869fbe5ab14d498be370fe82406b445d59f43b888360529c4a29263221cf36a913e0e7cc3d30839a7

    • SSDEEP

      1536:W7Z+pApfGQ3y3RWvfmRfm9sKsSd5I7Z+pApfGQ3y3RWvfmRfm9sKsSd5f:6+WpDfmRfmhY+WpDfmRfmhv

    Score
    9/10
    discoveryransomware

    • Renames multiple (809) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks