General

  • Target

    1d9d8d60d99d1140b173ec85db21119f315e5e8f41d734a62a607c0f5fb4dffb.exe

  • Size

    341KB

  • Sample

    250111-z4evassmcp

  • MD5

    bfba00ceab183b26b42fe6fead6b305e

  • SHA1

    64cea5ff1d9ca00d3f26ef7653223b8b8dd999ed

  • SHA256

    1d9d8d60d99d1140b173ec85db21119f315e5e8f41d734a62a607c0f5fb4dffb

  • SHA512

    179462e5e1f42c2f3541f2ff2284b99c8acc705edf9fc163134fc3304238de7ac5e54582b6ddb5b55ea248e91cb9f643b54c8a556ba48ff9ccdd00ba25c76ce3

  • SSDEEP

    3072:fny1tESQv+T3K7mvRIWXiqKkKGbTDVPuqny1tESQv+T3K7mvRIWXiqKkKGbTDVPu:KbESQvE6g9tTDVYbESQvE6g9tTDVW

Targets

    • Renames multiple (2077) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
