General
Target: a3b3f0813b391924ae3a0cbb12ac36b0N.exe
Size: 199KB
Sample: 240829-m4b27azdpm
MD5: a3b3f0813b391924ae3a0cbb12ac36b0
SHA1: 9ab76652d7f7b7062dedd0a839fee1a945d8c981
SHA256: 275b5b1c6bdc7cc58498d08a4afc0f708a83fd903455b5da8afb9795c9dc9767
SHA512: 0888093779318770d902d7b0174c38b41c1383977bd717a3fb7e6ae12cb39cde532e22a3827ac5614b6f6f522db5c4f58679106667fa68c2184fe9532555501c
SSDEEP: 6144:RqKvb0CYJ973e+eGGPcmqKvb0CYJ973e+eGGPcQ:vvbxYXnGnvbxYXnGl
Static task: static1
Behavioral task: behavioral1
  Sample: a3b3f0813b391924ae3a0cbb12ac36b0N.exe
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: a3b3f0813b391924ae3a0cbb12ac36b0N.exe
  Resource: win10v2004-20240802-en
Malware Config
Targets
Target: a3b3f0813b391924ae3a0cbb12ac36b0N.exe
Score: 9/10
Renames multiple (286) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory