General

  • Target

    8e884e6d1d33bde7a75b426ed1b8b2e0N.exe

  • Size

    60KB

  • Sample

    240902-hvk7aavdkm

  • MD5

    8e884e6d1d33bde7a75b426ed1b8b2e0

  • SHA1

    a336c249b3f783f59973c9828c6d1f206e357930

  • SHA256

    d4585a145f3c8fb3add1b3b59916f592f86e1b90bf82e4c38e58b219aa1836c1

  • SHA512

    d8853c55c83895edf390343f46cb223abaec8cab69cb67d0e2d7e2d799ddd25b051018f662f74ac4fe0719dfe6a3f81caa85826c600adbc7974c769f35fad5a8

  • SSDEEP

    768:kBT37CPKKdJJ1EXBwzEXBwdcMcI9GoCtOVijJ1foCtOVijJ1qR8R6BT37CPKKdJJ:CTW7JJ7TatuKgTW7JJ7TatuKU

Targets

    • Target

      8e884e6d1d33bde7a75b426ed1b8b2e0N.exe

    • Renames multiple (4060) files with added filename extension

      This suggests ransomware activity, i.e. encryption of all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
