General

  • Target

    43c1ce6f93cb759893376fca51821540N.exe

  • Size

    125KB

  • Sample

    240902-hztdfsvdpr

  • MD5

    43c1ce6f93cb759893376fca51821540

  • SHA1

    f06f08faa6e9348a2701bd34e2b8e8788c5930e4

  • SHA256

    3a31b4dbce23fc1eaaa3422c90fa1428f19238ed9bd945c955174f3408915cf0

  • SHA512

    b4fa860af3a53c112c4d555f41f39f479a2287750ad1648c02c1ba5341284ca907387260653ce50585aeab97597ae7ef0685339064c9742e0e86d3dd61237c03

  • SSDEEP

    768:W7BlpppARFbhjbhg42LcfpCKYCKo7BlpppARFbhjbhg42LcfpCKYCKK:W7ZppApBULcfpeq7ZppApBULcfpek

Score
9/10

Targets

    Score
    9/10
    • Renames multiple (4318) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
