General
-
Target
1a48300157af7c7edcf8b8bfce554ecb7a2786eb69c262ef94677e6ecbbfcb26N.exe
-
Size
155KB
-
Sample
240925-paa9xathpp
-
MD5
0b5348054ad9a1b0e7f1b2115f1eaef0
-
SHA1
3c67d6d0a7fd6fc06938c08ed07a9f9f086b7bbc
-
SHA256
1a48300157af7c7edcf8b8bfce554ecb7a2786eb69c262ef94677e6ecbbfcb26
-
SHA512
7fa135faa3de17a0565d11e8a19a9335f484512114f7d55a048cef37c247582145c5b43aed03fa791ac9fac439fa6f814c445ea419472130029ce69da6715c6e
-
SSDEEP
1536:W7ZhA7pApvOsOKM4HBhaGwOQ54xEIjlwZ7ZhA7pApvOsOKM4HBhaGwOQ54xEIjln:6e7WpRaSljCDe7WpRaSljCO
Static task
static1
Behavioral task
behavioral1
Sample
1a48300157af7c7edcf8b8bfce554ecb7a2786eb69c262ef94677e6ecbbfcb26N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
1a48300157af7c7edcf8b8bfce554ecb7a2786eb69c262ef94677e6ecbbfcb26N.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
1a48300157af7c7edcf8b8bfce554ecb7a2786eb69c262ef94677e6ecbbfcb26N.exe
Score
9/10
-
Renames multiple (3084) files with added filename extension
This suggests ransomware activity: encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-