Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Resubmissions
22/08/2024, 18:43 UTC
240822-xc563asamh 1021/08/2024, 17:16 UTC
240821-vtjnaathnq 1030/06/2024, 00:59 UTC
240630-bcjr6svbkk 1020/06/2024, 02:02 UTC
240620-cf43ysxbnk 1020/06/2024, 01:44 UTC
240620-b5v1xawemk 1019/06/2024, 01:10 UTC
240619-bjmseavfmp 1018/06/2024, 20:40 UTC
240618-zfwsxawdpa 1018/06/2024, 13:45 UTC
240618-q2vcjawdle 10Analysis
-
max time kernel
51s -
max time network
56s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-en -
resource tags
-
submitted
19/06/2024, 01:10 UTC
General
-
Target
Documents/Ransomware.Mamba/131.exe
-
Size
2.3MB
-
MD5
409d80bb94645fbc4a1fa61c07806883
-
SHA1
4080bb3a28c2946fd9b72f6b51fe15de74cbb1e1
-
SHA256
2ecc525177ed52c74ddaaacd47ad513450e85c01f2616bf179be5b576164bf63
-
SHA512
a99a2f17d9fbb1da9fb993b976df63afa74317666eca46d1f04e7e6e24149547d1ac7210f673caeae9b23a900528ad6ad0a7b98780eff458d3d505029a06e9ba
-
SSDEEP
49152:XM16E7qUoM5NWX7DP+1egOhcraQzK6j97V:c16/rM5oW1ZrRz
Score
1/10
Malware Config
Signatures
Processes
-
C:\Users\Admin\AppData\Local\Temp\Documents\Ransomware.Mamba\131.exe"C:\Users\Admin\AppData\Local\Temp\Documents\Ransomware.Mamba\131.exe"1⤵
Network
-
DNS8.8.8.8.in-addr.arpaRemote address:8.8.8.8:53Request8.8.8.8.in-addr.arpaIN PTR -
DNS8.8.8.8.in-addr.arpaRemote address:8.8.8.8:53Request8.8.8.8.in-addr.arpaIN PTR
-
DNS8.8.8.8.in-addr.arpaRemote address:8.8.8.8:53Request8.8.8.8.in-addr.arpaIN PTR
-
DNS8.8.8.8.in-addr.arpaRemote address:8.8.8.8:53Request8.8.8.8.in-addr.arpaIN PTR
-
DNS8.8.8.8.in-addr.arpaRemote address:8.8.8.8:53Request8.8.8.8.in-addr.arpaIN PTR
No results found
-
8.8.8.8:538.8.8.8.in-addr.arpadns
DNS Request
8.8.8.8.in-addr.arpa
DNS Request
8.8.8.8.in-addr.arpa
DNS Request
8.8.8.8.in-addr.arpa
DNS Request
8.8.8.8.in-addr.arpa
DNS Request
8.8.8.8.in-addr.arpa