Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

5

23c2f70571...cN.exe

windows7-x64

9

23c2f70571...cN.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    23c2f705711b17b19b5759a3e5d4153b8f5eb856195fc54a1caab74f596eaf0cN

  • Size

    525KB

  • Sample

    241014-kp12naxcpq

  • MD5

    ce65881ed7d49dc88b9a8aabf3846a80

  • SHA1

    2d24120fa547e4808058c19bcbed60627e90cf5a

  • SHA256

    23c2f705711b17b19b5759a3e5d4153b8f5eb856195fc54a1caab74f596eaf0c

  • SHA512

    d8e5898114c3319662f788ff2143f1a5ca36a6b82ca643e342f5e42ef803ddd8237a7c3efd03683f771562d9d84a0445f4fae7eca7a15c5a3e184e8d7759a899

  • SSDEEP

    6144:KWRt+eH9BpoxJI3ANJuBN0PDGxWSqqcfrj8XzL/3upuqs8j8IvwvWGEuTt3n8/yR:HRtEZNJuzVrcX8GW8j5veWpuTtMf8

Score
9/10
discoveryransomwareupx

Malware Config

Targets

    • Target

      23c2f705711b17b19b5759a3e5d4153b8f5eb856195fc54a1caab74f596eaf0cN

    • Size

      525KB

    • MD5

      ce65881ed7d49dc88b9a8aabf3846a80

    • SHA1

      2d24120fa547e4808058c19bcbed60627e90cf5a

    • SHA256

      23c2f705711b17b19b5759a3e5d4153b8f5eb856195fc54a1caab74f596eaf0c

    • SHA512

      d8e5898114c3319662f788ff2143f1a5ca36a6b82ca643e342f5e42ef803ddd8237a7c3efd03683f771562d9d84a0445f4fae7eca7a15c5a3e184e8d7759a899

    • SSDEEP

      6144:KWRt+eH9BpoxJI3ANJuBN0PDGxWSqqcfrj8XzL/3upuqs8j8IvwvWGEuTt3n8/yR:HRtEZNJuzVrcX8GW8j5veWpuTtMf8

    Score
    9/10
    discoveryransomwareupx

    • Renames multiple (3271) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks