Resubmissions

05/09/2020, 15:54

200905-8whhad83m2 10

General

  • Target

    f79275288b3c6595220430984cc2a75576d8998b8f19e624c9fe6327e2602b05

  • Size

    588KB

  • Sample

    200905-8whhad83m2

  • MD5

    d4f2318beec5fb9fbe1c8e33472159a4

  • SHA1

    55f05db53254f8d129c3fabc91e1b46d93c81b92

  • SHA256

    f79275288b3c6595220430984cc2a75576d8998b8f19e624c9fe6327e2602b05

  • SHA512

    b1b23730841240b051034c36d9e8c69400212ae51f43a3c9f8f4ac79c860a1d2d7af9727e1ff1303a87f9146b22fbad5091f2a1879925b1a01922b949379d1e9

Malware Config

Extracted

Path

C:\R3ADM3.txt

Ransom Note
The network is LOCKED. Do not try to use other software. For decryption tool write HERE: [email protected] [email protected] If you do not pay, we will publish private data on our news site.

Targets

    • Target

      f79275288b3c6595220430984cc2a75576d8998b8f19e624c9fe6327e2602b05

    • Modifies extensions of user files

      Ransomware generally changes the extension on encrypted files.

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Drops desktop.ini file(s)

    • Modifies service
