General

  • Target

    1a48300157af7c7edcf8b8bfce554ecb7a2786eb69c262ef94677e6ecbbfcb26N.exe

  • Size

    155KB

  • Sample

    240925-paa9xathpp

  • MD5

    0b5348054ad9a1b0e7f1b2115f1eaef0

  • SHA1

    3c67d6d0a7fd6fc06938c08ed07a9f9f086b7bbc

  • SHA256

    1a48300157af7c7edcf8b8bfce554ecb7a2786eb69c262ef94677e6ecbbfcb26

  • SHA512

    7fa135faa3de17a0565d11e8a19a9335f484512114f7d55a048cef37c247582145c5b43aed03fa791ac9fac439fa6f814c445ea419472130029ce69da6715c6e

  • SSDEEP

    1536:W7ZhA7pApvOsOKM4HBhaGwOQ54xEIjlwZ7ZhA7pApvOsOKM4HBhaGwOQ54xEIjln:6e7WpRaSljCDe7WpRaSljCO

Score
9/10

Targets

    • Renames multiple (3084) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
