General
Target: 491b91214db1ac83ccf976343c64239edfda2cb8ac406cdd21afdb34da1b6df2N
Size: 147KB
Sample: 240919-jpb7vsxgrc
MD5: a57fd556d95d6a6fddff66f1e049c800
SHA1: 4f53ef0f04fd125416118035c534e9c09c07d6b3
SHA256: 491b91214db1ac83ccf976343c64239edfda2cb8ac406cdd21afdb34da1b6df2
SHA512: 9a1d9ea3d2405179f0566b7a32725824746c5790d6ad2d49daf0abb91ff940b83442ddda0a3e4089f40119f50f64296ad2b6a463139281ce31eaac6dc79bd342
SSDEEP: 1536:CTWn1++PJHJXA/OsIZfzc3/Q8NCuXYRY5I2I36zYMTWn1++PJHJXA/OsIZfzc3/0:KQSoDuXuv3SQSoDuXuv3F
Behavioral task: behavioral1
Sample: 491b91214db1ac83ccf976343c64239edfda2cb8ac406cdd21afdb34da1b6df2N.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 491b91214db1ac83ccf976343c64239edfda2cb8ac406cdd21afdb34da1b6df2N.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: 491b91214db1ac83ccf976343c64239edfda2cb8ac406cdd21afdb34da1b6df2N
Score: 9/10
Renames multiple (4596) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory