General

  • Target

    virus_scan_logo.png

  • Size

    41KB

  • Sample

    240429-zkbcrsbh26

  • MD5

    c011777c94a1cb4bae85a4d523e2c252

  • SHA1

    41ccd278bab038873102738c638102ee71baddfb

  • SHA256

    085b6dbdaac8d0ef9ab76dfa2e958b730f39db18a71219215c54867037badc60

  • SHA512

    37d940cfb5990b0a51308a796b898bc35d06d0120abf66fe0f283b3214520d02d6a5d5d72ead5c81a297e83343899eba1a4f502135bd96f5d32c4a600302846c

  • SSDEEP

    768:7TLsVAwQONOwHKsfQ52U/UThrZsTC47s/zXQtX8bFiubeVjPdlPnXoFzi/:7GAwNNOOQ5chGn7MbWX89eL7nwC

Targets

    • UAC bypass

    • Disables Task Manager via registry modification

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Adds Run key to start application

    • Legitimate hosting services abused for malware hosting/C2

    • Sets desktop wallpaper using registry
