General

  • Target

    c90ce68e44fd87c84b88706a6a77c730N.exe

  • Size

    85KB

  • Sample

    240820-ml1mtsxald

  • MD5

    c90ce68e44fd87c84b88706a6a77c730

  • SHA1

    3c9d6981f234ad201a70d3f17e485cc0b9928783

  • SHA256

    e87a957393e7e95bd4353ac398c02fe44f653db0257dcd124c1ac409e86cace5

  • SHA512

    5f2d5e00cd5949a691da5f67bd06f52aa4dd1131016e71b347a0a82f97e99aabaa82c63f27982d6d61d82ef7acba1d21ded2931c376c1b7fbae9dde23fcd04b5

  • SSDEEP

    768:W7Blp9pARFbhxwWjJ7Blp9pARFbhxwWjq:W7Z9pApxw67Z9pApxwj

Score
9/10

Targets

    • Target

      c90ce68e44fd87c84b88706a6a77c730N.exe

    • Renames multiple (4269) files with added filename extension

      This suggests ransomware activity, namely encryption of all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
