General

  • Target

    81804d6ce551a73b38a5e844a8cb2290N.exe

  • Size

    50KB

  • Sample

    240906-b2dx8aygml

  • MD5

    81804d6ce551a73b38a5e844a8cb2290

  • SHA1

    b821c18dfa78f50ea87f0ea4f73753a8f7a393c8

  • SHA256

    9ab62910818ea9dd7c54777e4af652521a40c5b996502db61f4f1f0ebc9fda8f

  • SHA512

    2d599404150db8928151b077a07c1a809a93456f43233bb5b5c19ba5579e83b0003c8d5d830fe28af8f4553a13c025fbf2a1fc9ec5cae6a30e40627fd6288525

  • SSDEEP

    768:kBT37CPKKdJJ1EXBwzEXBwdcMcI9nGcjkK2rvVk//Nyz/VCyz/Vh:CTW7JJ7T7jkKCVk//NypCyph

Targets

    • Renames multiple (3328) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
