General

  • Target

    00c111fbba8a65824a5c5f1edea1d6d0N.exe

  • Size

    94KB

  • Sample

    240819-qkbh4awcph

  • MD5

    00c111fbba8a65824a5c5f1edea1d6d0

  • SHA1

    07808ae8fab305a5eec4ef7c62456218a1a77e2b

  • SHA256

    f0692c1c7af0f31743d1ee35ea19755d9121e5f04b72df9b6b29806d4fd708a3

  • SHA512

    2ef942a38f3dca93e83cdd77a4ed38fdcb1354f85cd89ac694be5b0e5911ecc8905f3fbd5105bc412c79f90ead0014bea76316988180d8ce09e8fdb46dbd9665

  • SSDEEP

    1536:W7ZppApBULcfpHLcfpyDoAI9/7ZppApBULcfpHLcfpyDoAI9y+d:6pWpBwchcwDK99pWpBwchcwDK9J

Score
9/10

Targets

    • Renames multiple (4732) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
