97fa5f8416e5775013c3400b9dce787d16d654520606f437b1c27ccdc261523e | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

7

ca9d1cdf39...0N.exe

windows7-x64

9

ca9d1cdf39...0N.exe

windows10-2004-x64

9

Sharing

General

Target

ca9d1cdf39b3389cacaba679d22bb0a0N.exe
Size

91KB
Sample

240818-b2ff2s1ekr
MD5

ca9d1cdf39b3389cacaba679d22bb0a0
SHA1

cb72a161d4880209520b448375cf7cb11cd13713
SHA256

97fa5f8416e5775013c3400b9dce787d16d654520606f437b1c27ccdc261523e
SHA512

70cc57128f3a038c4f339cd518722429bd4062b392b5b69e719ea183a8ab006e44af1ad59730055ebd8d8ba41748e21b83ecfb39b2f978ffa74782e329acad49
SSDEEP

1536:V7Zf/FAxTWoJJZENTNyl2Sm0mdnwNRTW7JJZENTNyl2Sm0mdnwNc:fny1tE42rnwNatE42rnwNc

Score

9^/10

discovery ransomware upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

ca9d1cdf39b3389cacaba679d22bb0a0N.exe

Resource

win7-20240729-en

discovery ransomware upx

windows7-x64

4 signatures

120 seconds

Behavioral task

behavioral2

Sample

ca9d1cdf39b3389cacaba679d22bb0a0N.exe

Resource

win10v2004-20240802-en

discovery ransomware upx

windows10-2004-x64

4 signatures

120 seconds

Malware Config

Targets

- Target
  
  ca9d1cdf39b3389cacaba679d22bb0a0N.exe
- Size
  
  91KB
- MD5
  
  ca9d1cdf39b3389cacaba679d22bb0a0
- SHA1
  
  cb72a161d4880209520b448375cf7cb11cd13713
- SHA256
  
  97fa5f8416e5775013c3400b9dce787d16d654520606f437b1c27ccdc261523e
- SHA512
  
  70cc57128f3a038c4f339cd518722429bd4062b392b5b69e719ea183a8ab006e44af1ad59730055ebd8d8ba41748e21b83ecfb39b2f978ffa74782e329acad49
- SSDEEP
  
  1536:V7Zf/FAxTWoJJZENTNyl2Sm0mdnwNRTW7JJZENTNyl2Sm0mdnwNc:fny1tE42rnwNatE42rnwNc
Score

9^/10

discovery ransomware upx
- Renames multiple (3099) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryransomwareupx

behavioral2

discoveryransomwareupx

© 2018-2025

Terms | Privacy