General
-
Target
e3425966e0c4b35bd90327c676bd938555a52e94cc93e9fa34637ea7030562e9
-
Size
201KB
-
Sample
240927-c3cl8a1cmr
-
MD5
db6d07e9c506bb1e007d2ff134967278
-
SHA1
7b0ad09ac21fb8d0ffbe910443b879ff05d49702
-
SHA256
e3425966e0c4b35bd90327c676bd938555a52e94cc93e9fa34637ea7030562e9
-
SHA512
303bab90130e85a3afc12b821b4630cdf4d3f8678364aa2a5ec405c291988f0d870baf5fc6136637022540533ef37dc54fb2b2479f1c16fe6f5b7c67421604c3
-
SSDEEP
6144:RqlIyFESWu0SWuNSIPqlIyFESWu0SWuNSI+:tyDLyD+
Static task
static1
Behavioral task
behavioral1
Sample
e3425966e0c4b35bd90327c676bd938555a52e94cc93e9fa34637ea7030562e9.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
e3425966e0c4b35bd90327c676bd938555a52e94cc93e9fa34637ea7030562e9.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
e3425966e0c4b35bd90327c676bd938555a52e94cc93e9fa34637ea7030562e9
Score 9/10
-
Renames multiple (3733) files with added filename extension
This suggests ransomware activity, encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-