Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

Ransomware-master.zip

windows7-x64

3

Ransomware-master.zip

windows10-2004-x64

1

Ransomware...ICENSE

windows7-x64

1

Ransomware...ICENSE

windows10-2004-x64

1

Ransomware...DME.md

windows7-x64

3

Ransomware...DME.md

windows10-2004-x64

3

Ransomware...omware

windows7-x64

1

Ransomware...omware

windows10-2004-x64

1

Ransomware...er.zip

windows7-x64

1

Ransomware...er.zip

windows10-2004-x64

10

cerber.exe

windows7-x64

10

cerber.exe

windows10-2004-x64

10

Ransomware...ll.zip

windows7-x64

1

Ransomware...ll.zip

windows10-2004-x64

1

cryptowall.exe

windows7-x64

9

cryptowall.exe

windows10-2004-x64

3

Ransomware...aw.zip

windows7-x64

1

Ransomware...aw.zip

windows10-2004-x64

1

jigsaw.exe

windows7-x64

10

jigsaw.exe

windows10-2004-x64

10

Ransomware...ky.zip

windows7-x64

1

Ransomware...ky.zip

windows10-2004-x64

1

Locky.exe

windows7-x64

10

Locky.exe

windows10-2004-x64

10

Ransomware...ba.zip

windows7-x64

1

Ransomware...ba.zip

windows10-2004-x64

1

131.exe

windows7-x64

1

131.exe

windows10-2004-x64

3

Ransomware...nu.zip

windows7-x64

1

Ransomware...nu.zip

windows10-2004-x64

1

Matsnu-MBR...3 .exe

windows7-x64

7

Matsnu-MBR...3 .exe

windows10-2004-x64

3

Analysis

  • max time kernel
    93s
  • max time network
    139s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28/11/2024, 22:34 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Ransomware-master/LICENSE

  • Size

    1KB

  • MD5

    a31887cbb9ee63d417035c0c01213070

  • SHA1

    6beb39510e95e12f4f0426999fdb652c7742252b

  • SHA256

    13d93567d2d97b99868b6f263fe00f425aa95007d30297c3c55c685bde51d460

  • SHA512

    77e75fd7038201b602da56e86d2fff9eea22f1e703fee34f35fde0e6e3bb8434bd9b939db6853068d54fdb46182800e7638850a396a409dad83c3ecbc17bfb75

Score
1/10

Malware Config

Signatures

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\Ransomware-master\LICENSE
    1⤵
      PID:4728

    Network

    • flag-us
      DNS
      8.8.8.8.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      8.8.8.8.in-addr.arpa
      IN PTR
      Response
      8.8.8.8.in-addr.arpa
      IN PTR
      dnsgoogle
    • flag-us
      DNS
      232.168.11.51.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      232.168.11.51.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      88.210.23.2.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      88.210.23.2.in-addr.arpa
      IN PTR
      Response
      88.210.23.2.in-addr.arpa
      IN PTR
      a2-23-210-88deploystaticakamaitechnologiescom
    • flag-us
      DNS
      133.32.126.40.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      133.32.126.40.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      95.221.229.192.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      95.221.229.192.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      217.106.137.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      217.106.137.52.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      200.163.202.172.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      200.163.202.172.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      171.39.242.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      171.39.242.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      107.12.20.2.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      107.12.20.2.in-addr.arpa
      IN PTR
      Response
      107.12.20.2.in-addr.arpa
      IN PTR
      a2-20-12-107deploystaticakamaitechnologiescom
    • flag-us
      DNS
      21.236.111.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      21.236.111.52.in-addr.arpa
      IN PTR
      Response
    No results found
    • 8.8.8.8:53
      8.8.8.8.in-addr.arpa
      dns
      66 B
       90 B
       1
      1

      DNS Request

      8.8.8.8.in-addr.arpa

    • 8.8.8.8:53
      232.168.11.51.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      232.168.11.51.in-addr.arpa

    • 8.8.8.8:53
      88.210.23.2.in-addr.arpa
      dns
      70 B
       133 B
       1
      1

      DNS Request

      88.210.23.2.in-addr.arpa

    • 8.8.8.8:53
      133.32.126.40.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      133.32.126.40.in-addr.arpa

    • 8.8.8.8:53
      95.221.229.192.in-addr.arpa
      dns
      73 B
       144 B
       1
      1

      DNS Request

      95.221.229.192.in-addr.arpa

    • 8.8.8.8:53
      217.106.137.52.in-addr.arpa
      dns
      73 B
       147 B
       1
      1

      DNS Request

      217.106.137.52.in-addr.arpa

    • 8.8.8.8:53
      200.163.202.172.in-addr.arpa
      dns
      74 B
       160 B
       1
      1

      DNS Request

      200.163.202.172.in-addr.arpa

    • 8.8.8.8:53
      171.39.242.20.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      171.39.242.20.in-addr.arpa

    • 8.8.8.8:53
      107.12.20.2.in-addr.arpa
      dns
      70 B
       133 B
       1
      1

      DNS Request

      107.12.20.2.in-addr.arpa

    • 8.8.8.8:53
      21.236.111.52.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      21.236.111.52.in-addr.arpa

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.