General

  • Target

    792fe1b4bf071f5ea8cc92eff65e9800N.exe

  • Size

    99KB

  • Sample

    240814-k8mclsthld

  • MD5

    792fe1b4bf071f5ea8cc92eff65e9800

  • SHA1

    9ff530da3ab9f42e811a8dc75d6d9d877eb2a9b7

  • SHA256

    878352a542a9fcc49b6e026b91a04f55c5b28b4a580e2f649c3d81ae22db9d5a

  • SHA512

    5bc0d6aa45a4c62eaa71a0972e23450bd775118a1805c6751801ab5ca3041c9c805e24aae6057e41ff6fb9344620d42023e29959e79222b00911e5505ffe40f8

  • SSDEEP

    768:/7BlpQpARFbhn54fmiy+3BVr54fmiy+3BV6n+7BlpQpARFbhn54fmiy+3BVr54fq:/7ZQpApmi6n+7ZQpApmi6n0XM

Score
9/10

Targets

    • Target

      792fe1b4bf071f5ea8cc92eff65e9800N.exe

    • Renames multiple (4353) files with added filename extension

      This suggests ransomware activity, i.e. encryption of all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
