General

  • Target

    45ff8f89a54af7ecc5d60d68474d0deaa113f22afc69889c2a2e1e04940d3549N

  • Size

    73KB

  • Sample

    241016-bfrxysygkn

  • MD5

    9ab7b23ffd644e4d40c39f2514d59010

  • SHA1

    1c95dd16f69351af44f287aa8ea7dbd56928064b

  • SHA256

    45ff8f89a54af7ecc5d60d68474d0deaa113f22afc69889c2a2e1e04940d3549

  • SHA512

    59d928a88eddc63395d0ee3091dadbe4ea1c4ae2ca22f21e5bdd9a63421a25bbdd38ca3b909251db529d038c69d9c04ba5d21eabf8119be9fe64dc63bb3499e1

  • SSDEEP

    768:kBT37CPKKdJJ1EXBwzEXBwdcMcI9Ro+QOViJfo+QOViJqWbHBT37CPKKdJJ1EXBz:CTW7JJ7TPUnWbhTW7JJ7TPUnWiX

Targets

    • Target

      45ff8f89a54af7ecc5d60d68474d0deaa113f22afc69889c2a2e1e04940d3549N

    • Renames multiple (4214) files with added filename extension

      This suggests ransomware activity that encrypts all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
