General

  • Target

    8026045ed32af598d1691d85b116e090N.exe

  • Size

    506KB

  • Sample

    240906-dcq8cssfrc

  • MD5

    8026045ed32af598d1691d85b116e090

  • SHA1

    2280dd946347193c45a07c64205b7b10673361e3

  • SHA256

    a2a61ef5307988f3da62e648a28b0cd82a45d67388683d71d09a6e1091568724

  • SHA512

    27c24d997a5d75317a590c4f1fc2f22d540102d359648c6b1875772dcd7804ea4f062b940e07443e0f1d92cf373b081d02f5aec904ec2e4267e3a4d985ba667f

  • SSDEEP

    6144:PO78n5Qw0tneDA/sqhleIc0HftDrkYY1hj63hgDonsogCh6NEpAFe:w85bM3npxYfj63hgD1Zit

Score
9/10

Targets

    • Target

      8026045ed32af598d1691d85b116e090N.exe

    • Renames multiple (289) files with added filename extension

      This suggests ransomware activity, namely encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
