Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
0ba5401f7f208dd496c5eef217d22bbf1f6ad4ba812dd7f6dad1d904cb8d2e7cN
-
Size
150KB
-
Sample
241003-z1vfkswhpp
-
MD5
2fae8bf112f2c27095388c5e604106b0
-
SHA1
9c8c8583603b3c6682bedad5de6507267d13d938
-
SHA256
0ba5401f7f208dd496c5eef217d22bbf1f6ad4ba812dd7f6dad1d904cb8d2e7c
-
SHA512
c03d2cda95ab70d35ecb15fcbc43be703978fca89652b8d051a30a16269381b03f9fa685f129088458c389d0abefb0eb70475ff532dd78cd196ef8165852dbb4
-
SSDEEP
1536:V7Zf/FAxTWtnMdyGdyt7Zf/FAxTWtnMdyGdyj:fnyGnBnyGnN
Behavioral task
behavioral1
Sample
0ba5401f7f208dd496c5eef217d22bbf1f6ad4ba812dd7f6dad1d904cb8d2e7cN.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
0ba5401f7f208dd496c5eef217d22bbf1f6ad4ba812dd7f6dad1d904cb8d2e7cN.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
0ba5401f7f208dd496c5eef217d22bbf1f6ad4ba812dd7f6dad1d904cb8d2e7cN
-
Size
150KB
-
MD5
2fae8bf112f2c27095388c5e604106b0
-
SHA1
9c8c8583603b3c6682bedad5de6507267d13d938
-
SHA256
0ba5401f7f208dd496c5eef217d22bbf1f6ad4ba812dd7f6dad1d904cb8d2e7c
-
SHA512
c03d2cda95ab70d35ecb15fcbc43be703978fca89652b8d051a30a16269381b03f9fa685f129088458c389d0abefb0eb70475ff532dd78cd196ef8165852dbb4
-
SSDEEP
1536:V7Zf/FAxTWtnMdyGdyt7Zf/FAxTWtnMdyGdyj:fnyGnBnyGnN
Score9/10-
Renames multiple (3771) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-