General
-
Target
f699228149c86f6dfa513730d42f8947df6088027905aba2e53ea08b9ada75c4N
-
Size
101KB
-
Sample
241016-ht5vassfqk
-
MD5
5ed79d464253d701787f9b9a29752080
-
SHA1
7ee2163b08634e136e41818fc9ac578ec016d5f2
-
SHA256
f699228149c86f6dfa513730d42f8947df6088027905aba2e53ea08b9ada75c4
-
SHA512
60ff047bb84c2124dd9b9ce0b6bc627673dfb386928c4fad59217e20036a1825f55f4a9ebebabb5f9b7c94670b035f8cecabf0ba3016f795233589fcea0b66ab
-
SSDEEP
1536:/7ZQpAplJwsJwwneuYm0mj7ZQpAplJwsJwwneuYm0mUMAM8:9QWpjnxQWpjnw
Static task
static1
Behavioral task
behavioral1
Sample
f699228149c86f6dfa513730d42f8947df6088027905aba2e53ea08b9ada75c4N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
f699228149c86f6dfa513730d42f8947df6088027905aba2e53ea08b9ada75c4N.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
Target
f699228149c86f6dfa513730d42f8947df6088027905aba2e53ea08b9ada75c4N
Score
9/10
Renames multiple (4312) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-