General

  • Target

    1cd3e5d3f1b07277fcf06d8173854720N.exe

  • Size

    2.9MB

  • Sample

    240902-gerhpataqk

  • MD5

    1cd3e5d3f1b07277fcf06d8173854720

  • SHA1

    7f502b5c22f098ab827150ebcf23d479f0344314

  • SHA256

    4c65233ab866b4e5f32bc3a6c99007f9229f3899e99089904345133132ea68df

  • SHA512

    891f810425af995b93ef4c25e90bc8f62fa4cfc6a6021fa3a329e8277548ff11f30bc434862fe33849f083decfb07d43a95302e6134073e73ce4aaa2b5dc6a43

  • SSDEEP

    49152:pdagNWitvn+LfeVL+NSzNQ/uIZcv2LGtFVpdagNWitvn+LfeVL+NSzNQ/uIZcv20:pnWi1HVAbO0GXnWi1HVAbO0GR

Score
9/10

Targets

    • Target

      1cd3e5d3f1b07277fcf06d8173854720N.exe

    • Score

      9/10

    • Renames multiple (296) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
