Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

6d35b01dbe...in.exe

windows7_x64

10

6d35b01dbe...in.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6d35b01dbe014c6efc18d587c2be5e12617e1681cc670ba5c49fe7ead9de780e.bin

  • Size

    60KB

  • Sample

    201103-eq7marrnz2

  • MD5

    9b5f5e7d14bd7d73b5adda12d4015ef4

  • SHA1

    a41daf00a0193a8d8583801f8cb20405d9678296

  • SHA256

    6d35b01dbe014c6efc18d587c2be5e12617e1681cc670ba5c49fe7ead9de780e

  • SHA512

    83042c7a33d27edd86e1d9303fb587c1456017d2a87ab82bba80a9360569432197ecc599b2b810d0f71c91d6f3116e390ea6244fc0630a972a50da8f825e18de

Score
10/10
wastedlockerdiscoveryexploitpersistenceransomware

Malware Config

Targets

    • Target

      6d35b01dbe014c6efc18d587c2be5e12617e1681cc670ba5c49fe7ead9de780e.bin

    • Size

      60KB

    • MD5

      9b5f5e7d14bd7d73b5adda12d4015ef4

    • SHA1

      a41daf00a0193a8d8583801f8cb20405d9678296

    • SHA256

      6d35b01dbe014c6efc18d587c2be5e12617e1681cc670ba5c49fe7ead9de780e

    • SHA512

      83042c7a33d27edd86e1d9303fb587c1456017d2a87ab82bba80a9360569432197ecc599b2b810d0f71c91d6f3116e390ea6244fc0630a972a50da8f825e18de

    Score
    10/10
    wastedlockerdiscoveryexploitpersistenceransomware

    • WastedLocker

      Ransomware family seen in the wild since May 2020.

      ransomwarewastedlocker

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

      ransomware

    • Executes dropped EXE

    • Modifies extensions of user files

      Ransomware generally changes the extension on encrypted files.

      ransomware

    • Possible privilege escalation attempt

      exploit

    • Deletes itself

    • Loads dropped DLL

    • Modifies file permissions

      discovery

    • Drops file in System32 directory

    • Modifies service

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks