Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
43c1ce6f93cb759893376fca51821540N.exe
-
Size
125KB
-
Sample
240902-hztdfsvdpr
-
MD5
43c1ce6f93cb759893376fca51821540
-
SHA1
f06f08faa6e9348a2701bd34e2b8e8788c5930e4
-
SHA256
3a31b4dbce23fc1eaaa3422c90fa1428f19238ed9bd945c955174f3408915cf0
-
SHA512
b4fa860af3a53c112c4d555f41f39f479a2287750ad1648c02c1ba5341284ca907387260653ce50585aeab97597ae7ef0685339064c9742e0e86d3dd61237c03
-
SSDEEP
768:W7BlpppARFbhjbhg42LcfpCKYCKo7BlpppARFbhjbhg42LcfpCKYCKK:W7ZppApBULcfpeq7ZppApBULcfpek
Malware Config
Targets
-
-
Target
43c1ce6f93cb759893376fca51821540N.exe
-
Size
125KB
-
MD5
43c1ce6f93cb759893376fca51821540
-
SHA1
f06f08faa6e9348a2701bd34e2b8e8788c5930e4
-
SHA256
3a31b4dbce23fc1eaaa3422c90fa1428f19238ed9bd945c955174f3408915cf0
-
SHA512
b4fa860af3a53c112c4d555f41f39f479a2287750ad1648c02c1ba5341284ca907387260653ce50585aeab97597ae7ef0685339064c9742e0e86d3dd61237c03
-
SSDEEP
768:W7BlpppARFbhjbhg42LcfpCKYCKo7BlpppARFbhjbhg42LcfpCKYCKK:W7ZppApBULcfpeq7ZppApBULcfpek
Score9/10-
Renames multiple (4318) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-