Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

Trojan-Ran...er.exe

windows7-x64

8

Trojan-Ran...er.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Trojan-Ransom.Win32.Blocker.jgb-867c5428d815a2f2d26b333c60f12652c294c62bb20ca8092c98a2f5fb546b1b

  • Size

    392KB

  • Sample

    221107-hp4rfadag3

  • MD5

    07e60c5d7dfb6651e00c5f380cd50894

  • SHA1

    330aafef8d4001d1c80c2dfb3d23e979a874a7c5

  • SHA256

    867c5428d815a2f2d26b333c60f12652c294c62bb20ca8092c98a2f5fb546b1b

  • SHA512

    2aabd98293cd18bd426a7eb522502deabee13fe32b17bad3326340d6e3f9048671ce006b4bdbbe0f1dd781546858151277a792c1335e06e7ae211c43b8503d05

  • SSDEEP

    12288:Ot8vVED3Bk0Mr9Vif7/F1hIIaYHuvAIS28:Ot+gvMpVij/F1hV5HuvAIS

Score
8/10
persistence

Malware Config

Targets

    • Target

      Trojan-Ransom.Win32.Blocker.jgb-867c5428d815a2f2d26b333c60f12652c294c62bb20ca8092c98a2f5fb546b1b

    • Size

      392KB

    • MD5

      07e60c5d7dfb6651e00c5f380cd50894

    • SHA1

      330aafef8d4001d1c80c2dfb3d23e979a874a7c5

    • SHA256

      867c5428d815a2f2d26b333c60f12652c294c62bb20ca8092c98a2f5fb546b1b

    • SHA512

      2aabd98293cd18bd426a7eb522502deabee13fe32b17bad3326340d6e3f9048671ce006b4bdbbe0f1dd781546858151277a792c1335e06e7ae211c43b8503d05

    • SSDEEP

      12288:Ot8vVED3Bk0Mr9Vif7/F1hIIaYHuvAIS28:Ot+gvMpVij/F1hV5HuvAIS

    Score
    8/10
    persistence

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks