General

  • Target

    ab397cc86d6da851982fe5dbbb4841d0N.exe

  • Size

    203KB

  • Sample

    240816-17x1qa1akf

  • MD5

    ab397cc86d6da851982fe5dbbb4841d0

  • SHA1

    52025ad093973adb06293ed95c81c9b2b38da92c

  • SHA256

    228d0bcd9c5cd5cd027412d830247c989540251785104052b42801badf94b406

  • SHA512

    677055ff13b6d2534657750860bd142b6d3ce5c213e780ed911101e3031623245270d34f8c8c64332e31ac54fcc1a6ed745c87a3e345ee2bd5ad9f405f919baa

  • SSDEEP

    6144:PqFF2Ie+efsim2A5sqFF2Ie+efsim2A5P:iFF2+im2iFF2+im2S

Score
9/10

Targets

    • Target

      ab397cc86d6da851982fe5dbbb4841d0N.exe

    • Renames multiple (2891) files with added filename extension

      This suggests ransomware activity, namely encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
