Resubmissions

02/09/2024, 06:43

240902-hgxcdsvhlc 9

02/09/2024, 06:40

240902-he8mmsvgrd 9

General

  • Target

    97d329d6e31aae9207affed73d78fc60N.exe

  • Size

    63KB

  • Sample

    240902-hgxcdsvhlc

  • MD5

    97d329d6e31aae9207affed73d78fc60

  • SHA1

    55d6d0b763850fb70009f4756e8b8c21e6326f2a

  • SHA256

    78ef512be36d976f2c5a8260c9483508376eec16382a67a05534faf60ce6d088

  • SHA512

    8789693eaefe209626efb4f6761bc1158b740dd31bad423a29e714d530916e20b947dd8f06dfb2e2b841f950350addb0d4e5e1de887634e3117eab0260ea4d6a

  • SSDEEP

    768:kBT37CPKKdJJ1EXBwzEXBwdcMcI9ffgT+i1xrfgT+i1xt1BT37CPKKdJJ1EXBwzK:CTW7JJ7T5YXYdTW7JJ7T5YXY2

Targets

    • Renames multiple (1642) files with added filename extension

      This suggests ransomware activity, i.e. encrypting all the files on the system.

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
