Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

Ransomware...in.zip

windows10-1703-x64

1

Ransomware...er.zip

windows10-1703-x64

1

cerber.exe

windows10-1703-x64

10

Ransomware...ll.zip

windows10-1703-x64

1

cryptowall.exe

windows10-1703-x64

3

Ransomware...aw.zip

windows10-1703-x64

1

jigsaw.exe

windows10-1703-x64

10

Ransomware...ICENSE

windows10-1703-x64

1

Ransomware...ky.zip

windows10-1703-x64

1

Locky.exe

windows10-1703-x64

10

Ransomware...ba.zip

windows10-1703-x64

1

Ransomware...nu.zip

windows10-1703-x64

1

Ransomware...ap.zip

windows10-1703-x64

1

Ransomware...ya.zip

windows10-1703-x64

1

Ransomware...DME.md

windows10-1703-x64

3

Ransomware...nt.zip

windows10-1703-x64

1

Ransomware...ot.zip

windows10-1703-x64

1

Ransomware...ex.zip

windows10-1703-x64

1

Ransomware...na.zip

windows10-1703-x64

1

Ransomware...pt.zip

windows10-1703-x64

1

Ransomware...os.zip

windows10-1703-x64

1

Ransomware..._0.zip

windows10-1703-x64

1

Ransomware...na.zip

windows10-1703-x64

1

Ransomware...ry.zip

windows10-1703-x64

1

Ransomware...us.zip

windows10-1703-x64

1

Ransomware...re.png

windows10-1703-x64

3

Analysis

  • max time kernel
    134s
  • max time network
    136s
  • platform
    windows10-1703_x64
  • resource
    win10-20240221-en
  • resource tags

    arch:x64arch:x86image:win10-20240221-enlocale:en-usos:windows10-1703-x64system
  • submitted
    26/02/2024, 07:18 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Ransomware-Samples-main/Mamba/Ransomware.Mamba.zip

  • Size

    1.0MB

  • MD5

    f94d1f4e2ce6c7cc81961361aab8a144

  • SHA1

    88189db0691667653fe1522c6b5673bf75aa44aa

  • SHA256

    610a52c340ebaff31093c5ef0d76032ac2acdc81a3431e68b244bf42905fd70a

  • SHA512

    7b7cf9a782549e75f87b8c62d091369b47c1b22c9a10dcf4a5d9f2db9a879ed3969316292d3944f95aeb67f34ae6dc6bbe2ae5ca497be3a25741a2aa204e66ad

  • SSDEEP

    24576:Uy0yC/fh9Dnt24GZrEXdjl3Fha3fXUkWpfnb:CyGf7TtCZrOll1svX0fb

Score
1/10

Malware Config

Signatures

Processes

  • C:\Windows\Explorer.exe
    C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\Ransomware-Samples-main\Mamba\Ransomware.Mamba.zip
    1⤵
      PID:2896

    Network

    • flag-us
      DNS
      11.227.111.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      11.227.111.52.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      1.173.189.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      1.173.189.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      180.178.17.96.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      180.178.17.96.in-addr.arpa
      IN PTR
      Response
      180.178.17.96.in-addr.arpa
      IN PTR
      a96-17-178-180deploystaticakamaitechnologiescom
    No results found
    • 8.8.8.8:53
      11.227.111.52.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      11.227.111.52.in-addr.arpa

    • 8.8.8.8:53
      1.173.189.20.in-addr.arpa
      dns
      71 B
       157 B
       1
      1

      DNS Request

      1.173.189.20.in-addr.arpa

    • 8.8.8.8:53
      180.178.17.96.in-addr.arpa
      dns
      72 B
       137 B
       1
      1

      DNS Request

      180.178.17.96.in-addr.arpa

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.