General
-
Target
9a914b54efdb7cd143fee03ac8923d21673e3802fddde72de77f28347826bc41N
-
Size
1.2MB
-
Sample
241020-ytrknszann
-
MD5
ee0abaa77fbaeb46ffc1f99b40bae0b0
-
SHA1
a6fede3a66d7b602ec346d025e52922498a3e7f0
-
SHA256
9a914b54efdb7cd143fee03ac8923d21673e3802fddde72de77f28347826bc41
-
SHA512
cdf51b8030a81f55d0d541afb4fa96cf14220629d3c2d8d27a3e807a9d7ef6827cf4d420e10bcdac8c7da9a8cb7e2b3f08a88b583010836b4a783957c45dc98f
-
SSDEEP
12288:9j/Nmt0LDlLi2UMZxEWYLfYs/Kibyt81gkngqOkWW7JuIWfc1uqEN1/fmfMo8HRU:9j/Li07YTl/6K1OkWUiNj/3HRZh/u
Static task
static1
Behavioral task
behavioral1
Sample
9a914b54efdb7cd143fee03ac8923d21673e3802fddde72de77f28347826bc41N.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
9a914b54efdb7cd143fee03ac8923d21673e3802fddde72de77f28347826bc41N.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
9a914b54efdb7cd143fee03ac8923d21673e3802fddde72de77f28347826bc41N
-
Score
9/10
-
Renames multiple (316) files with added filename extension
This suggests ransomware activity that encrypts all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-