General

  • Target

    1b259f94225541da884f922099256f53a162dfd982f8f26c10ef0df5d67d325d

  • Size

    110KB

  • Sample

    240909-xwsp3svdmq

  • MD5

    6439dd99f6664a87360674a1f77e8f7a

  • SHA1

    72fa7e058ca7842f504c4e7fe5b9b42332b90c1e

  • SHA256

    1b259f94225541da884f922099256f53a162dfd982f8f26c10ef0df5d67d325d

  • SHA512

    9509f44b3b98a4985d5f7806e4dc3f3efc49d73861291f714f39fa2ae79e9565b8b3be26ec038a573ed43f9372005993e4e7b27866c1d5e5700c31193b469689

  • SSDEEP

    1536:CTW7JJZENTNyavf73tQqKBBBtTW7JJZENTNyavf73tQqKBBBDrW:htEvfjqqKBBBWtEvfjqqKBBBDrW

Targets

    • Renames multiple (4922) files with added filename extension

      This suggests ransomware activity: encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
