General

  • Target

    79019053962a84060ed2553c04d916c1fdcf5163761724bae5214047a33939f4N

  • Size

    180KB

  • Sample

    241021-cvsy8swbjq

  • MD5

    c49f50aaa5a983ad55bd5b21888654b0

  • SHA1

    ff3e763edaec500c46295f963f223b188f69bf9d

  • SHA256

    79019053962a84060ed2553c04d916c1fdcf5163761724bae5214047a33939f4

  • SHA512

    ab768b00730ccdc5600d12cb9e3145bf185e581e4b83b106c1d0b311e1ac4e1429d3176f19e13626b11a8e86597eb28fdf7e0ffd36174b83ced4575c5dd5b1fc

  • SSDEEP

    1536:a7ZyqaFAlsr1++PJHJXFAIuZAIuXsJtLJtR7ZyqaFAlsr1++PJHJXFAIuZAIuXs9:enaym3AIuZAIuXInaym3AIuZAIuXa

Targets

    • Target

      79019053962a84060ed2553c04d916c1fdcf5163761724bae5214047a33939f4N


    • Renames multiple (3018) files with added filename extension

      This suggests ransomware activity, i.e. encryption of all the files on the system.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
