General

  • Target

    7ace5670b060a9a389ec1977802c030130bd1d6ee7aa54c13c640e77e8aecf31

  • Size

    607KB

  • Sample

    241003-xz8kpsscrn

  • MD5

    31bc95a2577acda7a463b0727cc8e25b

  • SHA1

    2169ea61f0f7f3e07ef1c249184caae15149b996

  • SHA256

    7ace5670b060a9a389ec1977802c030130bd1d6ee7aa54c13c640e77e8aecf31

  • SHA512

    8ec609f65ec901101619d8171bd10c56a2fad3fc22c459288eef4442340e8414b6ec86e2ff784d1c3c6f3f8d31e21718219567921518423e54611e5c7f1fcf23

  • SSDEEP

    6144:KQSolf5uKhbSnHXBMV5jdCBjtsD52dmdLqff86+jVvaYMLOen9Bp1xf2ODuYMyRE:KQtlUVRMstsD5pAfujVvaYML59RIgq

Targets

    • Target

      7ace5670b060a9a389ec1977802c030130bd1d6ee7aa54c13c640e77e8aecf31

    • Renames multiple (555) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
