70b68ac1477e49a4342383c6eff1056f6a18ff0727aa20630e9e7bc8701011f1 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

1

sample

windows10-2004-x64

sample

windows11-21h2-x64

1

Resubmissions

05/08/2024, 17:14 UTC

240805-vrzlqawfqe 8

05/08/2024, 17:12 UTC

240805-vq6zeawfpd 1

05/08/2024, 17:11 UTC

240805-vqak7ssfjr 10

05/08/2024, 17:08 UTC

240805-vnj2vswfjf 7

05/08/2024, 17:04 UTC

240805-vlqrmasenp 10

05/08/2024, 17:01 UTC

240805-vj1ttawelb 6

Sharing

General

Target

sample
Size

7KB
Sample

240805-vrzlqawfqe
MD5

4b320922990cfb723b67147a7a97d345
SHA1

5d134dcee4aaeadbea36761640434a45c708b081
SHA256

70b68ac1477e49a4342383c6eff1056f6a18ff0727aa20630e9e7bc8701011f1
SHA512

b21548566a22c31ca19de100264d1c2cefe0c8d8a0361f325194e6514453813376da301b4bb71c9ac0e4c3c1c84589276af79e7f48dd4e6d8ae553590ac823d3
SSDEEP

96:SDQ1jWHRUV/okJOlIDNSW0S9I3gtYEMLX+jZEBZu:oQHokYlIVYFSjZmu

Score

8^/10

discovery evasion ransomware

Static task

static1

Behavioral task

behavioral1

Sample

sample

Resource

win10v2004-20240802-en

discovery evasion ransomware

windows10-2004-x64

17 signatures

300 seconds

Behavioral task

behavioral2

Sample

sample

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

300 seconds

Malware Config

Targets

- Target
  
  sample
- Size
  
  7KB
- MD5
  
  4b320922990cfb723b67147a7a97d345
- SHA1
  
  5d134dcee4aaeadbea36761640434a45c708b081
- SHA256
  
  70b68ac1477e49a4342383c6eff1056f6a18ff0727aa20630e9e7bc8701011f1
- SHA512
  
  b21548566a22c31ca19de100264d1c2cefe0c8d8a0361f325194e6514453813376da301b4bb71c9ac0e4c3c1c84589276af79e7f48dd4e6d8ae553590ac823d3
- SSDEEP
  
  96:SDQ1jWHRUV/okJOlIDNSW0S9I3gtYEMLX+jZEBZu:oQHokYlIVYFSjZmu
Score

8^/10

discovery evasion ransomware
- Disables Task Manager via registry modification
  evasion
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Legitimate hosting services abused for malware hosting/C2
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

discoveryevasionransomware

behavioral2

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.