General
-
Target
98ff2fb41eea0fdc5a1aee7f6477f16b7a341a472cd66f5fb2416142449d4d27
-
Size
820KB
-
Sample
241021-a7qnjazepc
-
MD5
acd456d1bc10f69c6bc6960c5f8597b1
-
SHA1
a7ef9bde2982468e27274fff03a2594c327cfde1
-
SHA256
98ff2fb41eea0fdc5a1aee7f6477f16b7a341a472cd66f5fb2416142449d4d27
-
SHA512
72da72b8787cf0834cddd0e328b15bb99e0f32642bbe6f0057dca282a984f2bab3c30cd8b26cdbb309b773ff26f09884f8c470e1685c84d4342c5bbfd31e3290
-
SSDEEP
24576:9jyldlbuVMGLbMMHMMMvMMZMMMKzb6XmMMMiMMMz8JMMHMMM6MMZMMMeXNMMzMMu:9hTMMHMMMvMMZMMMlmMMMiMMMYJMMHMr
Static task
static1
Behavioral task
behavioral1
Sample
98ff2fb41eea0fdc5a1aee7f6477f16b7a341a472cd66f5fb2416142449d4d27.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
98ff2fb41eea0fdc5a1aee7f6477f16b7a341a472cd66f5fb2416142449d4d27.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
98ff2fb41eea0fdc5a1aee7f6477f16b7a341a472cd66f5fb2416142449d4d27
-
Score
9/10
-
Renames multiple (318) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-