General

  • Target

    8693f3d5824b969f1953dae3701de990N.exe

  • Size

    104KB

  • Sample

    240904-p7skfszgmq

  • MD5

    8693f3d5824b969f1953dae3701de990

  • SHA1

    3eae2a6b59ab59526167d219e8778990143adbec

  • SHA256

    808d4bfd19669f2f31d6a7e94aa04a3d7b1e149d941a439e11ac6bc4948b50b8

  • SHA512

    d5c0ff34c8241cf8e69a46b1c1c941928eb695a8e14b922bb567860c6703f481fdf685057899b3ad8b656607606931c19c17a96bd39d5104c4bc9839a4058a62

  • SSDEEP

    1536:W7ZhA7dAIJtvXtvG7ZhA7dAIJtvXtvkqqqs:6e76Be76l

Score
9/10

Targets

    • Target

      8693f3d5824b969f1953dae3701de990N.exe

    Score
    9/10
    • Renames multiple (3764) files with added filename extension

      This suggests ransomware activity, namely encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
