Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

1

Programado...at.cmd

windows10-2004-x64

9

Resubmissions

22/09/2023, 19:23

230922-x3rrcshh5w 6

22/09/2023, 19:18

230922-xz48aabh64 9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Programador intelijente.para nada un bat.cmd

  • Size

    514B

  • Sample

    230922-xz48aabh64

  • MD5

    d335bfb5ea66ae9cd22040b0b0b93817

  • SHA1

    2d9ecf0af2392dcdd142584c1cfed0a47c4451ce

  • SHA256

    e3c7c6bad4e82bb87c16e2961854829855c533bae311f429a417f226c9e65cd2

  • SHA512

    6a8ff7b5f96584ab63ccff244cdb16db0ad5b3e23318d4210298c726b3d5eddad279ded2938ba5ee6e7153e9c3336afd762fc25dd14a15eb97ef880be2ee77cc

Score
9/10
persistenceransomware

Malware Config

Targets

    • Target

      Programador intelijente.para nada un bat.cmd

    • Size

      514B

    • MD5

      d335bfb5ea66ae9cd22040b0b0b93817

    • SHA1

      2d9ecf0af2392dcdd142584c1cfed0a47c4451ce

    • SHA256

      e3c7c6bad4e82bb87c16e2961854829855c533bae311f429a417f226c9e65cd2

    • SHA512

      6a8ff7b5f96584ab63ccff244cdb16db0ad5b3e23318d4210298c726b3d5eddad279ded2938ba5ee6e7153e9c3336afd762fc25dd14a15eb97ef880be2ee77cc

    Score
    9/10
    persistenceransomware

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

      ransomware

    • Modifies Installed Components in the registry

      persistence

    • Modifies system executable filetype association

      persistence

    • Registers COM server for autorun

      persistence

    • Adds Run key to start application

      persistence
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks