Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

3

9949af7720...0N.exe

windows7-x64

9

9949af7720...0N.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9949af772057de7964e73c51fc6e9500N.exe

  • Size

    186KB

  • Sample

    240824-x1hqnsvcpd

  • MD5

    9949af772057de7964e73c51fc6e9500

  • SHA1

    9cd275bf10f51d6c7b66520d8f90555774ec7b05

  • SHA256

    60d7ece60b104649a9b9d130904144e94425f17c2e9eeece9df0e6cff9470306

  • SHA512

    e5e697c44f0168cb00f5c3647cac174cfcf161a7307310e377ed5ee4557edb00b61c2fc9e9eaf8a304ee9e585a71662313448217c4afdeaf336c9fb016128fee

  • SSDEEP

    3072:6e7WpMaxeb0CYJ97lEYNR73e+eGGRe7WpMaxeb0CYJ97lEYNR73e+eGGM:RqKvb0CYJ973e+eGG0qKvb0CYJ973e+L

Score
9/10
discoveryransomware

Malware Config

Targets

    • Target

      9949af772057de7964e73c51fc6e9500N.exe

    • Size

      186KB

    • MD5

      9949af772057de7964e73c51fc6e9500

    • SHA1

      9cd275bf10f51d6c7b66520d8f90555774ec7b05

    • SHA256

      60d7ece60b104649a9b9d130904144e94425f17c2e9eeece9df0e6cff9470306

    • SHA512

      e5e697c44f0168cb00f5c3647cac174cfcf161a7307310e377ed5ee4557edb00b61c2fc9e9eaf8a304ee9e585a71662313448217c4afdeaf336c9fb016128fee

    • SSDEEP

      3072:6e7WpMaxeb0CYJ97lEYNR73e+eGGRe7WpMaxeb0CYJ97lEYNR73e+eGGM:RqKvb0CYJ973e+eGG0qKvb0CYJ973e+L

    Score
    9/10
    discoveryransomware

    • Renames multiple (2990) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks