General

  • Target

    cce679039743e7de35d770902cf95350N.exe

  • Size

    65KB

  • Sample

    240821-xkm1fsydpk

  • MD5

    cce679039743e7de35d770902cf95350

  • SHA1

    7efb5ae1907fed660017646e04dea850db54e459

  • SHA256

    4d635d57482055bb324ea4d3f6b6f5e88ce122a3bbd221ce3b19a9de233ace15

  • SHA512

    c3fb2a0fc0551e5eefb8a949607cc4e2cea5932eaa3ba703c8540114c207ff740edef0a3b45617d72dedffe9d96cb56d28d1034db49c64d5f2a8f0cf611ea000

  • SSDEEP

    1536:CTWn1++PJHJXA/OsIZfzc3/Q8asUsJOLKc/xJtLJtTGE:KQSohsUsUKM

Targets

    • Target

      cce679039743e7de35d770902cf95350N.exe

    • Renames multiple (3151) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
