General

  • Target

    Encryptor.exe

  • Size

    275KB

  • Sample

    241015-ccb8rsxhqh

  • MD5

    04cd010315e0a958619211a633e5f9c0

  • SHA1

    dcf3f728e40c3f6d6879ea2b1b2f5d2930881a25

  • SHA256

    019a90f2cdb054f7302fb40b673d4883a569d43d982d4a710b4942787b8cec0b

  • SHA512

    716dd7288270fe01a4db89272c99ef1b08584518d74ecb3ff097ed8a25d41e167c5cae28c62a009682c566d7c5e711a09d6457e64e6d515243f6ce15a9cae9b2

  • SSDEEP

    6144:9csCKzugqUYynir0Z4IKlPqa4nEFlatBOALF:OKXqUYyir0Z4fr4EFJ4F

Malware Config

Targets

    • Renames multiple (1959) files with added filename extension

      This suggests ransomware activity: the sample encrypts files across the system and appends a new extension to each.

    • Credentials from Password Stores: Windows Credential Manager

      Suspicious access to Credentials History.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

MITRE ATT&CK Enterprise v15

Tasks