Resubmissions

13/02/2022, 03:26

220213-dy59eafben 10

25/06/2021, 19:08

210625-fml1gypkn6 8

19/06/2021, 15:14

210619-d3391n953n 10

General

  • Target

    Tray.exe

  • Size

    321KB

  • Sample

    210625-fml1gypkn6

  • MD5

    6585cb51ff21007fb9ef936e96c58982

  • SHA1

    7a3d5563460b9935fe84879ee14fabfc7c664825

  • SHA256

    e07b0cd7eca5bc70b07ea786c3ef4da28036c901effa2193a93caf945cb2b334

  • SHA512

    523c7b3ed0907a473eac04c8cb8642eeea1d3a223069f876a7e0bc18075d59f9903319f6b2e3c2fa262158f04c4ad3637568dd9b0558732c8a574ffe566efc7d

Malware Config

Targets

    • Drops file in Drivers directory

    • Modifies extensions of user files

      Ransomware generally changes the extension on encrypted files.

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Drops desktop.ini file(s)

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks