Analysis
max time kernel: 16s
max time network: 12s
platform: windows7_x64
resource: win7v200722
submitted: 03/09/2020, 14:14
Static task: static1
Behavioral task: behavioral1
Sample: win.bin.exe
Resource: win7v200722
0 signatures
0 seconds
Behavioral task: behavioral2
Sample: win.bin.exe
Resource: win10
0 signatures
0 seconds
General
Target: win.bin.exe
Size: 4.7MB
MD5:
5c53adced5f26c4d2e5112316a67ffd1
SHA1:
c64636e272b0d1e881c68fda45df4f9c19d4aadc
SHA256:
f8766ecc7775a6b14e6e46ef1e162cb609179c7a44e39a393c8fcd2ef0cd8ff0
SHA512:
78687f9f8d1364e4caf6a3d553b3559ccf0e5d5443494fbc14639ec2f98e25e999962985bb71477fa1773a75b74e367388f1f628ccf85de531f39dad9815eead
Score: 10/10
Malware Config
Extracted
Path: \??\c:\ReadMe.txt
Ransom Note:
Hello
IF YOU ARE READING THIS, IT MEANS YOUR DATA IS ENCRYPTED AND YOUR PRIVATE SENSIVITIVE INFORMATION WAS STOLEN!
READ CAREFULLY THE WHOLE INSTRUCTIONS TO AVOID PROBLEMS WITH YOUR DATA
YOU HAVE TO CONTACT US IMMEDIATELY TO RESOLVE THIS ISSUE AND MAKE A DEAL!
!!!WARNING!!!
DO NOT Modify, Rename, Copy or Move any file. You can DAMAGE them and decryption will be impossible!
DO NOT Use any third-party or public decryption software, it also may DAMAGE files.
DO NOT SHUTDOWN or RESET your system, it can damage files.
There is ONLY ONE possible way to get back your files
Do not waste your time, contact us and pay for special DECRYPTION KEY. The key is all you need.
For your guarantee we will decrypt 2 of your files for free, as a proof that it works.
Your network was fully COMPROMISED! We Can discuss how to secure it as a bonus.
The data that we gathered could be published in MASS MEDIA for BREAKING NEWS!
If we make a deal everything would be kept in secret and all your data will be restored.
I could make them public them if you decide not to pay.
contact us immediately:
[email protected]
Emails
Signatures
Drops desktop.ini file(s) (6 IoCs)
description | ioc | process
File created | C:\users\Public\Documents\desktop.ini | win.bin.exe
File created | C:\users\Public\Downloads\desktop.ini | win.bin.exe
File created | C:\users\Public\Desktop\desktop.ini | win.bin.exe
File created | C:\users\Admin\Desktop\desktop.ini | win.bin.exe
File created | C:\users\Admin\Downloads\desktop.ini | win.bin.exe
File created | C:\users\Admin\Documents\desktop.ini | win.bin.exe