General

  • Target

    9a914b54efdb7cd143fee03ac8923d21673e3802fddde72de77f28347826bc41N

  • Size

    1.2MB

  • Sample

    241020-ytrknszann

  • MD5

    ee0abaa77fbaeb46ffc1f99b40bae0b0

  • SHA1

    a6fede3a66d7b602ec346d025e52922498a3e7f0

  • SHA256

    9a914b54efdb7cd143fee03ac8923d21673e3802fddde72de77f28347826bc41

  • SHA512

    cdf51b8030a81f55d0d541afb4fa96cf14220629d3c2d8d27a3e807a9d7ef6827cf4d420e10bcdac8c7da9a8cb7e2b3f08a88b583010836b4a783957c45dc98f

  • SSDEEP

    12288:9j/Nmt0LDlLi2UMZxEWYLfYs/Kibyt81gkngqOkWW7JuIWfc1uqEN1/fmfMo8HRU:9j/Li07YTl/6K1OkWUiNj/3HRZh/u

Targets

    • Renames multiple (316) files with added filename extension

      This suggests ransomware activity, namely encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
