Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

Sapphire R...re.exe

windows7_x64

8

Sapphire R...re.exe

windows10_x64

8

Resubmissions

13/02/2021, 10:08

210213-k64cwnpaca 8

13/02/2021, 09:57

210213-9jvt61cnp2 8

Analysis

  • max time kernel
    64s
  • max time network
    8s
  • platform
    windows7_x64
  • resource
    win7v20201028
  • submitted
    13/02/2021, 10:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Sapphire Ransomware.exe

  • Size

    213KB

  • MD5

    5d34cb57995a495652c7b3e547dfd77f

  • SHA1

    f7c08e536aafd24320b684fb1b1d36cd609f57aa

  • SHA256

    431a92656a59581ab6c0e413a4ee0bd4f27094f162c063e3bdc09a28f8090b28

  • SHA512

    a0bdfe559c19a86ca7360afc528b91c9b71fc9a283bc8b967bb1e273e7315ab81787855c216764c73ff8f468dde5490cfb693d9b4567349320c8f2209baa6bec

Score
8/10
evasion

Malware Config

Signatures

  • Disables Task Manager via registry modification
    evasion

Processes

  • C:\Users\Admin\AppData\Local\Temp\Sapphire Ransomware.exe
    "C:\Users\Admin\AppData\Local\Temp\Sapphire Ransomware.exe"
    1⤵
      PID:1928

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1928-2-0x000007FEF54A0000-0x000007FEF5E3D000-memory.dmp

      Filesize

      9.6MB

      Download

    • memory/1928-3-0x000007FEF54A0000-0x000007FEF5E3D000-memory.dmp

      Filesize

      9.6MB

      Download

    • memory/1928-4-0x0000000000A00000-0x0000000000A02000-memory.dmp

      Filesize

      8KB

      Download

    • memory/1928-5-0x0000000000A06000-0x0000000000A25000-memory.dmp

      Filesize

      124KB

      Download

    • memory/1928-6-0x0000000000A25000-0x0000000000A26000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1928-7-0x0000000000A26000-0x0000000000A27000-memory.dmp

      Filesize

      4KB

      Download