General

  • Target

    870b0e67bbe98778edd69393ab4efb9fa7542637eccd5f32ca0f006af36937a4N

  • Size

    60KB

  • Sample

    241020-x88l3awdqd

  • MD5

    87c66f73a6ab1e0c6d9473910c0b65e0

  • SHA1

    68f3caf1682e3623b52953532e1b1b2451c1c3ab

  • SHA256

    870b0e67bbe98778edd69393ab4efb9fa7542637eccd5f32ca0f006af36937a4

  • SHA512

    4fc7f0945413689f07e70bad5294d4b62b97f65df5af623874c71317f87c2d310573268a67ce85ab392ce71400a481edce22ce2f2c1d889977ffae940bf517c3

  • SSDEEP

    1536:CTWn1++PJHJXA/OsIZfzc3/Q8+g9VyjVyaJShJSn:KQSot

Targets

    • Renames multiple (617) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
