8cdd2fe5990836816361ce46cce780a56b70456ae2b4c6595fcb6cc2601c754a | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

WannaBitcoin.exe

windows7_x64

8

WannaBitcoin.exe

windows10_x64

8

Sharing

General

Target

WannaBitcoin.exe
Size

12.3MB
Sample

211220-r2vhzabfcq
MD5

114edffe6d90393ac464866ddf138f90
SHA1

97ebbf910fd31a626126311453f8ee87171eb92d
SHA256

8cdd2fe5990836816361ce46cce780a56b70456ae2b4c6595fcb6cc2601c754a
SHA512

1197d4e60bfc67d2b2cb13b424394bb8e6d5086514fc9c8965171a5b544b714405dd861bac058cac9c532e6d18b23344c41111dbb9db353a822910cfb40b155c

Score

8^/10

ransomware

Static task

static1

Behavioral task

behavioral1

Sample

WannaBitcoin.exe

Resource

win7-en-20211208

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

WannaBitcoin.exe

Resource

win10-en-20211208

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  WannaBitcoin.exe
- Size
  
  12.3MB
- MD5
  
  114edffe6d90393ac464866ddf138f90
- SHA1
  
  97ebbf910fd31a626126311453f8ee87171eb92d
- SHA256
  
  8cdd2fe5990836816361ce46cce780a56b70456ae2b4c6595fcb6cc2601c754a
- SHA512
  
  1197d4e60bfc67d2b2cb13b424394bb8e6d5086514fc9c8965171a5b544b714405dd861bac058cac9c532e6d18b23344c41111dbb9db353a822910cfb40b155c
Score

8^/10

ransomware
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
- Drops desktop.ini file(s)
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy