General

  • Target

    c793aeb4de5306c17e956215c31c7cc0N.exe

  • Size

    67KB

  • Sample

    240903-qt9r9axhjm

  • MD5

    c793aeb4de5306c17e956215c31c7cc0

  • SHA1

    512ca3fd98e266f278f3cf4ffec62782b8ca6923

  • SHA256

    216648e539a3f6e7c21bdd0f0fb7e9329886c0f05d21cfa9fc9042e777d4490e

  • SHA512

    a40b702958a1de609e1d09be638b4b74e2b25344159dc1ef4630dd13337d8ffefa3cae7a556dbadd3b6c7ad11052960fcc00494c7cc4c10b7b5f0fbbbefdb2b8

  • SSDEEP

    1536:CTWn1++PJHJXA/OsIZfzc3/Q8zx4LgLTorob:KQSoFcvorob

Targets

    • Renames multiple (2820) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
