e9eef6033b6923bdbb598211bb984e5ec980189bc737f8424e118f1274917041 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

1

Monogram-Y...os.jpg

windows10-1703-x64

Resubmissions

01/07/2023, 10:41

230701-mreybagf83 3

01/07/2023, 10:38

230701-mpsfmagf76 3

01/07/2023, 10:34

230701-mml6tshg8w 10

Sharing

General

Target

Monogram-YC-Logo-Design-by-Greenlines-Studios.jpg
Size

76KB
Sample

230701-mml6tshg8w
MD5

fcbe6ecf5fa25564adcc5a3694e6c492
SHA1

d04ff259ef996fb6b89f7f906b882c82854a9079
SHA256

e9eef6033b6923bdbb598211bb984e5ec980189bc737f8424e118f1274917041
SHA512

9203d849315190e9d259957181ba9c4f99cc8c99e241837e880e84c7a3be0e9c4872d5a86f1160b3d0affbbdfb5cd5142112de4616bc90bf39d682d2871f025a
SSDEEP

768:iMkobGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGqDO+ZP/pj2WoUlaFF:lMq+Z3pj2WllaFgbLrdlHwxEmqjBc3

Score

10^/10

evasion persistence ransomware trojan

Static task

static1

Behavioral task

behavioral1

Sample

Monogram-YC-Logo-Design-by-Greenlines-Studios.jpg

Resource

win10-20230621-en

evasion persistence ransomware trojan

windows10-1703-x64

22 signatures

1800 seconds

Malware Config

Targets

- Target
  
  Monogram-YC-Logo-Design-by-Greenlines-Studios.jpg
- Size
  
  76KB
- MD5
  
  fcbe6ecf5fa25564adcc5a3694e6c492
- SHA1
  
  d04ff259ef996fb6b89f7f906b882c82854a9079
- SHA256
  
  e9eef6033b6923bdbb598211bb984e5ec980189bc737f8424e118f1274917041
- SHA512
  
  9203d849315190e9d259957181ba9c4f99cc8c99e241837e880e84c7a3be0e9c4872d5a86f1160b3d0affbbdfb5cd5142112de4616bc90bf39d682d2871f025a
- SSDEEP
  
  768:iMkobGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGqDO+ZP/pj2WoUlaFF:lMq+Z3pj2WllaFgbLrdlHwxEmqjBc3
Score

10^/10

evasion persistence ransomware trojan
- Modifies WinLogon for persistence
  persistence
- UAC bypass
  evasion trojan
- Disables RegEdit via registry modification
  evasion
- Sets file to hidden
  Modifies file attributes to stop it showing in Explorer etc.
  evasion
- Legitimate hosting services abused for malware hosting/C2
- Sets desktop wallpaper using registry
  ransomware
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Winlogon Helper DLL

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Hidden Files and Directories

Modify Registry

Web Service

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

evasionpersistenceransomwaretrojan

© 2018-2025

Terms | Privacy