27052339536a08543f16b5fa0deb4ce554a70b697b27ee0143302d7e6ec4fe2f | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

1

bee movie script

windows7-x64

Resubmissions

16/05/2023, 23:26

230516-3e3rlscb3s 1

16/05/2023, 23:26

230516-3ethyada47 1

16/05/2023, 23:18

230516-3aeh8ada35 5

16/05/2023, 23:15

230516-28vgnada28 10

16/05/2023, 23:13

230516-27wnbsca81 1

16/05/2023, 23:10

230516-257mtaca8x 6

Sharing

General

Target

bee movie script
Size

48KB
Sample

230516-28vgnada28
MD5

82efebf8c7b591240c3fc56307a121a2
SHA1

93ae3d6436613af8a6957db81e1701fbc50de7a8
SHA256

27052339536a08543f16b5fa0deb4ce554a70b697b27ee0143302d7e6ec4fe2f
SHA512

26a776d2c6bbf6c401c0970a04ef7ec83ca3931c2a74e6b19d0d8bb1e84276b5a1c37d0fe00bf0022568e9ad311adffced95dbc50b0c0b0aa6e16a9bde891066
SSDEEP

1536:ijaPW66ps+TjnDPZJ8Gr6JFDhCrXWqfuz0m/+7:imPEs+TjnVJ8hDh6X/2zn+7

Score

10^/10

evasion persistence ransomware

Static task

static1

Behavioral task

behavioral1

Sample

bee movie script

Resource

win7-20230220-en

evasion persistence ransomware

windows7-x64

20 signatures

150 seconds

Malware Config

Targets

- Target
  
  bee movie script
- Size
  
  48KB
- MD5
  
  82efebf8c7b591240c3fc56307a121a2
- SHA1
  
  93ae3d6436613af8a6957db81e1701fbc50de7a8
- SHA256
  
  27052339536a08543f16b5fa0deb4ce554a70b697b27ee0143302d7e6ec4fe2f
- SHA512
  
  26a776d2c6bbf6c401c0970a04ef7ec83ca3931c2a74e6b19d0d8bb1e84276b5a1c37d0fe00bf0022568e9ad311adffced95dbc50b0c0b0aa6e16a9bde891066
- SSDEEP
  
  1536:ijaPW66ps+TjnDPZJ8Gr6JFDhCrXWqfuz0m/+7:imPEs+TjnVJ8hDh6X/2zn+7
Score

10^/10

evasion persistence ransomware
- Modifies visibility of file extensions in Explorer
  evasion
- Modifies Installed Components in the registry
  persistence
- Drops startup file
- Drops desktop.ini file(s)
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Sets desktop wallpaper using registry
  ransomware
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

evasionpersistenceransomware

© 2018-2025

Terms | Privacy