General
Target: ad6ea6d89ca45d5739db9f94b81431e0N
Size: 73KB
Sample: 240914-ebx5ysvfpj
MD5: ad6ea6d89ca45d5739db9f94b81431e0
SHA1: f2c827586faa01222759264a74bc1f5805008800
SHA256: c127485a353b4e8e3bbb7d3009e39f8ef7276f6842f90e0a086cb6729815887a
SHA512: 27a67b944810824264727091347d1817ab02bf3615b5b2911f5889e736ab283a4e3941701a61fe5ab156ed46b68c7b4938168f9e1f6bdcb5ba0181a8572b1563
SSDEEP: 768:/7BlpQpARFbhxztpAyJ5pAyJy7BlpQpARFbhxztpAyJ5pAyJw:/7ZQpAp87ZQpApy
Static task: static1
Behavioral task: behavioral1
Sample: ad6ea6d89ca45d5739db9f94b81431e0N.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: ad6ea6d89ca45d5739db9f94b81431e0N.exe
Resource: win10v2004-20240910-en
Malware Config
Targets
Score: 9/10
Renames multiple (3622) files with added filename extension
    This suggests ransomware activity of encrypting all the files on the system.
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory