General

  • Target

    98ff2fb41eea0fdc5a1aee7f6477f16b7a341a472cd66f5fb2416142449d4d27

  • Size

    820KB

  • Sample

    241021-a7qnjazepc

  • MD5

    acd456d1bc10f69c6bc6960c5f8597b1

  • SHA1

    a7ef9bde2982468e27274fff03a2594c327cfde1

  • SHA256

    98ff2fb41eea0fdc5a1aee7f6477f16b7a341a472cd66f5fb2416142449d4d27

  • SHA512

    72da72b8787cf0834cddd0e328b15bb99e0f32642bbe6f0057dca282a984f2bab3c30cd8b26cdbb309b773ff26f09884f8c470e1685c84d4342c5bbfd31e3290

  • SSDEEP

    24576:9jyldlbuVMGLbMMHMMMvMMZMMMKzb6XmMMMiMMMz8JMMHMMM6MMZMMMeXNMMzMMu:9hTMMHMMMvMMZMMMlmMMMiMMMYJMMHMr

Targets

    • Renames multiple (318) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
