General

  • Target

    c6bc3c68195d5c17c02af47c2d2eff20N.exe

  • Size

    75KB

  • Sample

    240814-cs4yqavdpg

  • MD5

    c6bc3c68195d5c17c02af47c2d2eff20

  • SHA1

    98466f1ab0fbb13a79d3827a0204acb1f2126985

  • SHA256

    6a5e9d197196aea5ad4b5e23cef0b3908d0633743fff8df91f17eb838ef37d99

  • SHA512

    e75ba683e43ebb566808a1c318743b013ef8b196e916a26f3e1ad76891971aa3ae312b5b9286f1eb826e34fd2cb483542cf46cb850b7ab246ca2af04882347c1

  • SSDEEP

    768:W7Blp+pARFbhBgnKL+8t8NZy7Blp+pARFbhBgnKL+8t8NZC:W7Z+pAp2nKLr7Z+pAp2nKL9

Score
9/10

Targets

    Score
    9/10
    • Renames multiple (4389) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
