Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
495b433e9589db97a061a297cda2dd75f60f1c3eddb946e802721c7f8ca1e081N
-
Size
88KB
-
Sample
240919-hjycgawcnm
-
MD5
dd847936b4e697774ae82880000a91c0
-
SHA1
500d1c1f3f45238012188e607b19dd2ad75648b5
-
SHA256
495b433e9589db97a061a297cda2dd75f60f1c3eddb946e802721c7f8ca1e081
-
SHA512
e92d8ebc4c8a61e60d796d2580fa3bd40938f073796c20599ab0a14aea33c5b53091943242975ebc353e641a591f578743ac5752153c35e12a3436ec0cde5102
-
SSDEEP
1536:W7ZhA7pApM21LOA1LOTmdG3mdGZ7ZhA7pApM21LOA1LOTmdG3mdGO:6e7WpMgLOiLOPe7WpMgLOiLOq
Malware Config
Targets
-
-
Target
495b433e9589db97a061a297cda2dd75f60f1c3eddb946e802721c7f8ca1e081N
-
Size
88KB
-
MD5
dd847936b4e697774ae82880000a91c0
-
SHA1
500d1c1f3f45238012188e607b19dd2ad75648b5
-
SHA256
495b433e9589db97a061a297cda2dd75f60f1c3eddb946e802721c7f8ca1e081
-
SHA512
e92d8ebc4c8a61e60d796d2580fa3bd40938f073796c20599ab0a14aea33c5b53091943242975ebc353e641a591f578743ac5752153c35e12a3436ec0cde5102
-
SSDEEP
1536:W7ZhA7pApM21LOA1LOTmdG3mdGZ7ZhA7pApM21LOA1LOTmdG3mdGO:6e7WpMgLOiLOPe7WpMgLOiLOq
Score9/10-
Renames multiple (4459) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-