General
-
Target
136045b8a44dc4f07afedc76ce86b9bffc1a33d82fcf87ea5907dee8db52cff2N
-
Size
4.9MB
-
Sample
241021-cr7cfstdqe
-
MD5
1ab5520e9964683de145d144f3956660
-
SHA1
d092f1837bbe9e5598a971f72ab8d77275573667
-
SHA256
136045b8a44dc4f07afedc76ce86b9bffc1a33d82fcf87ea5907dee8db52cff2
-
SHA512
0912e31a346a5a4b18450ed5fa90a652e9b1bca4f97c50bd06a7357e019e07803da9d5581c3dc140b760e68f56ce8fb698ff16c34677a9ddfa422294fea1564e
-
SSDEEP
49152:9mREqNZcBpeapeApIDn0apLKkLJU9nU2foKhA4vSWidGHp+NDGQUzbpDOfjxAkrh:Ypv/LK3BDhtvS0Hpe4zbpaAKQkroGIC
Static task
static1
Behavioral task
behavioral1
Sample
136045b8a44dc4f07afedc76ce86b9bffc1a33d82fcf87ea5907dee8db52cff2N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
136045b8a44dc4f07afedc76ce86b9bffc1a33d82fcf87ea5907dee8db52cff2N.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
136045b8a44dc4f07afedc76ce86b9bffc1a33d82fcf87ea5907dee8db52cff2N
-
Score
9/10
-
Renames multiple (316) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-