General
-
Target
566e6820b3ee0ee58747aa0a8d1a03f1ea2e2c542486d336934267495780efacN
-
Size
85KB
-
Sample
240919-r9kzhavdqj
-
MD5
03ca2db0dc50622216acf0e1c7651270
-
SHA1
58c74c03252a511da13187ebbed3722b6e699ce6
-
SHA256
566e6820b3ee0ee58747aa0a8d1a03f1ea2e2c542486d336934267495780efac
-
SHA512
a67ae7d17d4793cad2ba58ac0967be4054b8168df634e49babd89507ad2a14b2cb724aebcbfa1f7955f50d4753bb34224c8d06011270ccfde1d0c4bee07a3637
-
SSDEEP
768:/7BlpQpARFbhNIiJwsJwwnZh7BlpQpARFbhNIiJwsJwwnZO:/7ZQpAplJwsJwwnf7ZQpAplJwsJwwn4
Static task
static1
Behavioral task
behavioral1
Sample
566e6820b3ee0ee58747aa0a8d1a03f1ea2e2c542486d336934267495780efacN.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
566e6820b3ee0ee58747aa0a8d1a03f1ea2e2c542486d336934267495780efacN.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
566e6820b3ee0ee58747aa0a8d1a03f1ea2e2c542486d336934267495780efacN
Score
9/10
-
Renames multiple (4371) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-