Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    623a8947dab40d88a02307c35f496a30N.exe

  • Size

    114KB

  • Sample

    240903-1pdt5axhlm

  • MD5

    623a8947dab40d88a02307c35f496a30

  • SHA1

    ba087da32b4a858d1ab45a274b9e63fde2647a15

  • SHA256

    0f7003861ee8135109c396574c951040e4818028e883b10aa5d446627e8dafa7

  • SHA512

    7b41c842d058be19941d140d84dffdaa57c9869825d728f952d162fcd2424ef755a07baf14601b74af8b89b282ee0acef81f7b3f522002bd72de6b7fb977b731

  • SSDEEP

    1536:W7ZppApBULcfpHLcfpyD+pspF7ZppApBULcfpHLcfpyD+pspz:6pWpBwchcwD+pspPpWpBwchcwD+pspz

Score
9/10

Malware Config

Targets

    • Target

      623a8947dab40d88a02307c35f496a30N.exe

    • Size

      114KB

    • MD5

      623a8947dab40d88a02307c35f496a30

    • SHA1

      ba087da32b4a858d1ab45a274b9e63fde2647a15

    • SHA256

      0f7003861ee8135109c396574c951040e4818028e883b10aa5d446627e8dafa7

    • SHA512

      7b41c842d058be19941d140d84dffdaa57c9869825d728f952d162fcd2424ef755a07baf14601b74af8b89b282ee0acef81f7b3f522002bd72de6b7fb977b731

    • SSDEEP

      1536:W7ZppApBULcfpHLcfpyD+pspF7ZppApBULcfpHLcfpyD+pspz:6pWpBwchcwD+pspPpWpBwchcwD+pspz

    Score
    9/10
    • Renames multiple (3708) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks