General

  • Target

    222f7e71acf282abe1703a85c850d850N.exe

  • Size

    103KB

  • Sample

    240825-rjzd7sycjc

  • MD5

    222f7e71acf282abe1703a85c850d850

  • SHA1

    ffc6e90996c4a6f650634da1011f14905501126c

  • SHA256

    d4e65ae87e422f3306d3faf9108d58d20c52a238b5ef34a1ea953f5449aa2f8c

  • SHA512

    db02d9f917095e59122c62e6da3f99b98858639375f663775b446634363a2a8e9fcc958a7decfd821446f0e53bace106ce80439c056520dc2026dc1f111be452

  • SSDEEP

    768:W7BlphA7pARFbh4+S7BlphA7pARFbh4+b:W7ZhA7pAp4+S7ZhA7pAp4+b

Score
9/10

Targets

    • Target

      222f7e71acf282abe1703a85c850d850N.exe

    • Size

      103KB

    • MD5

      222f7e71acf282abe1703a85c850d850

    • SHA1

      ffc6e90996c4a6f650634da1011f14905501126c

    • SHA256

      d4e65ae87e422f3306d3faf9108d58d20c52a238b5ef34a1ea953f5449aa2f8c

    • SHA512

      db02d9f917095e59122c62e6da3f99b98858639375f663775b446634363a2a8e9fcc958a7decfd821446f0e53bace106ce80439c056520dc2026dc1f111be452

    • SSDEEP

      768:W7BlphA7pARFbh4+S7BlphA7pARFbh4+b:W7ZhA7pAp4+S7ZhA7pAp4+b

    Score
    9/10
    • Renames multiple (4557) files with added filename extension

      This suggests ransomware activity, namely encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
