Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
c90ce68e44fd87c84b88706a6a77c730N.exe
-
Size
85KB
-
Sample
240820-ml1mtsxald
-
MD5
c90ce68e44fd87c84b88706a6a77c730
-
SHA1
3c9d6981f234ad201a70d3f17e485cc0b9928783
-
SHA256
e87a957393e7e95bd4353ac398c02fe44f653db0257dcd124c1ac409e86cace5
-
SHA512
5f2d5e00cd5949a691da5f67bd06f52aa4dd1131016e71b347a0a82f97e99aabaa82c63f27982d6d61d82ef7acba1d21ded2931c376c1b7fbae9dde23fcd04b5
-
SSDEEP
768:W7Blp9pARFbhxwWjJ7Blp9pARFbhxwWjq:W7Z9pApxw67Z9pApxwj
Static task
static1
Behavioral task
behavioral1
Sample
c90ce68e44fd87c84b88706a6a77c730N.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
c90ce68e44fd87c84b88706a6a77c730N.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
c90ce68e44fd87c84b88706a6a77c730N.exe
-
Size
85KB
-
MD5
c90ce68e44fd87c84b88706a6a77c730
-
SHA1
3c9d6981f234ad201a70d3f17e485cc0b9928783
-
SHA256
e87a957393e7e95bd4353ac398c02fe44f653db0257dcd124c1ac409e86cace5
-
SHA512
5f2d5e00cd5949a691da5f67bd06f52aa4dd1131016e71b347a0a82f97e99aabaa82c63f27982d6d61d82ef7acba1d21ded2931c376c1b7fbae9dde23fcd04b5
-
SSDEEP
768:W7Blp9pARFbhxwWjJ7Blp9pARFbhxwWjq:W7Z9pApxw67Z9pApxwj
Score9/10-
Renames multiple (4269) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-