General

  • Target

    5066827e390a3075015bf232a4ce87c0N.exe

  • Size

    92KB

  • Sample

    240816-3dmn1axclq

  • MD5

    5066827e390a3075015bf232a4ce87c0

  • SHA1

    18dd8bf24543102f238e1b57c864943f32071717

  • SHA256

    c03d7b1615029009af959cc40b6b85de043e87b575ffcda248316c73fc07c2c7

  • SHA512

    154a58b8854543c87bb1afe35d7422575b465ee5da87b6f256e084815e4ceaae8f0d0d5417883742a6c7d12b1ade7ea0e585ac0f5c95acaa7fc39d129ebae23f

  • SSDEEP

    768:W7BlpppARFbhbt7Y7eDDESENK7BlpppARFbhbt7Y7eDDESEN0:W7ZppApnDDtoK7ZppApnDDto0

Score
9/10

Targets

    • Target

      5066827e390a3075015bf232a4ce87c0N.exe

    Score
    9/10
    • Renames multiple (339) files with added filename extension

      This suggests ransomware activity, i.e. encryption of all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
