Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-10-08_8b14bd4c2104dbe913e9f0f54fcb45f7_bkransomware
-
Size
528KB
-
Sample
241008-y449hswfqd
-
MD5
8b14bd4c2104dbe913e9f0f54fcb45f7
-
SHA1
adaf7f4d02c66327ed1e8a5516e5180cc0680004
-
SHA256
4914b446f8aec422a8ea5c5608992ae45a6be2f5c312d88b1022865303fd15d8
-
SHA512
89af129061d94c53cb7145e326e1d7640232c140d351449ec506a4deb626afe76fcb731868af02fad4184bd2396772681099a61863b46eda0c5c1a596cbd849c
-
SSDEEP
12288:+oyIJsMPrPPp6bYboEdNnbBqdS11yMSzY:+gVPrPPs+oE7NqdYJSzY
Static task
static1
Behavioral task
behavioral1
Sample
2024-10-08_8b14bd4c2104dbe913e9f0f54fcb45f7_bkransomware.exe
Resource
win7-20240708-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
-
Target
2024-10-08_8b14bd4c2104dbe913e9f0f54fcb45f7_bkransomware
-
Size
528KB
-
MD5
8b14bd4c2104dbe913e9f0f54fcb45f7
-
SHA1
adaf7f4d02c66327ed1e8a5516e5180cc0680004
-
SHA256
4914b446f8aec422a8ea5c5608992ae45a6be2f5c312d88b1022865303fd15d8
-
SHA512
89af129061d94c53cb7145e326e1d7640232c140d351449ec506a4deb626afe76fcb731868af02fad4184bd2396772681099a61863b46eda0c5c1a596cbd849c
-
SSDEEP
12288:+oyIJsMPrPPp6bYboEdNnbBqdS11yMSzY:+gVPrPPs+oE7NqdYJSzY
-
Modifies firewall policy service
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Create or Modify System Process
1Windows Service
1Defense Evasion
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Impair Defenses
4Disable or Modify System Firewall
1Disable or Modify Tools
3Modify Registry
5