Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

3

9f3b5ad5c5...0N.exe

windows7-x64

9

9f3b5ad5c5...0N.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9f3b5ad5c516b000574718ea8e2e1750N.exe

  • Size

    166KB

  • Sample

    240825-3f1cwa1fpb

  • MD5

    9f3b5ad5c516b000574718ea8e2e1750

  • SHA1

    9058937629f716bb2bd1117ade0df39cef7f8cab

  • SHA256

    57b3bd9f30a4cea34db4ecaf9f705190d17ea67152523982d2c32cff718c4e91

  • SHA512

    f161ba19911491661fcabb40f341ee320ce6cc61af827d46989ab8fe37c8f71085b7ef4b4e30fc682b2144a3448fa042f02188dab17412109934ce2b4cee2876

  • SSDEEP

    1536:W7ZDpApYbVK4vx4PN54PN4OHepOHeZS+fcftS4Sr7ZDpApYbVK4vx4PN54PN4OHx:6DWp7WWfcfEJJDWp7WWfcfEJk9N9t

Score
9/10
discoveryransomware

Malware Config

Targets

    • Target

      9f3b5ad5c516b000574718ea8e2e1750N.exe

    • Size

      166KB

    • MD5

      9f3b5ad5c516b000574718ea8e2e1750

    • SHA1

      9058937629f716bb2bd1117ade0df39cef7f8cab

    • SHA256

      57b3bd9f30a4cea34db4ecaf9f705190d17ea67152523982d2c32cff718c4e91

    • SHA512

      f161ba19911491661fcabb40f341ee320ce6cc61af827d46989ab8fe37c8f71085b7ef4b4e30fc682b2144a3448fa042f02188dab17412109934ce2b4cee2876

    • SSDEEP

      1536:W7ZDpApYbVK4vx4PN54PN4OHepOHeZS+fcftS4Sr7ZDpApYbVK4vx4PN54PN4OHx:6DWp7WWfcfEJJDWp7WWfcfEJk9N9t

    Score
    9/10
    discoveryransomware

    • Renames multiple (4168) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks