General

  • Target

    8ad9766e251b720229f3026ae1a97710N.exe

  • Size

    268KB

  • Sample

    240903-ht4bga1hmb

  • MD5

    8ad9766e251b720229f3026ae1a97710

  • SHA1

    6a1cd19ea19b377d0fcc6dfa0e85b3555b005829

  • SHA256

    a60d71170e4b9c6376a2575dc96a712a8be6a116f9653661d1a2f0bfe7272660

  • SHA512

    ede5ff919d2f499f485cad5ac4375580eae46fa54571f0b4f4e735bfcc7d4eb61f1072898074f83d98d05e033993f6c0c3d0aee1f3f5eec537c16378d1c7b8dd

  • SSDEEP

    3072:KQSohsUsxk3ljKwOgoYQSohsUsxk3ljKwOgoQ:KQSohsUsElVOUQSohsUsElVOE

Targets

    • Target

      8ad9766e251b720229f3026ae1a97710N.exe

    • Renames multiple (2897) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
