Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

2025-01-22...er.exe

windows7-x64

10

2025-01-22...er.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-01-22_09e948364ca382e2fe3ed8080f9345e2_globeimposter

  • Size

    55KB

  • Sample

    250122-w3a8yaypcv

  • MD5

    09e948364ca382e2fe3ed8080f9345e2

  • SHA1

    329e2e775e5fef155c36c9dc4e6fada19396c856

  • SHA256

    f3504c38ba93d23a3cff591031fbb56d66440aa8cf2f48fa844f7e4be8bcabad

  • SHA512

    c284b7bb354c369b017909f58c013ec6b77733856a8a5967cbbcf932f29c7fb426f12e6a488bc8ac24d452477fa32783a84d7ecfbe2361151317dab94203695e

  • SSDEEP

    1536:+kfjkfV+KJolntwrbDSTWvTwhQMhmpdLsN6:14fIKJolntGDT5qm3Lq6

Score
10/10
globeimposterdiscoverypersistenceransomwarespywarestealer

Malware Config

Targets

    • Target

      2025-01-22_09e948364ca382e2fe3ed8080f9345e2_globeimposter

    • Size

      55KB

    • MD5

      09e948364ca382e2fe3ed8080f9345e2

    • SHA1

      329e2e775e5fef155c36c9dc4e6fada19396c856

    • SHA256

      f3504c38ba93d23a3cff591031fbb56d66440aa8cf2f48fa844f7e4be8bcabad

    • SHA512

      c284b7bb354c369b017909f58c013ec6b77733856a8a5967cbbcf932f29c7fb426f12e6a488bc8ac24d452477fa32783a84d7ecfbe2361151317dab94203695e

    • SSDEEP

      1536:+kfjkfV+KJolntwrbDSTWvTwhQMhmpdLsN6:14fIKJolntGDT5qm3Lq6

    Score
    10/10
    globeimposterpersistenceransomwarespywarestealerdiscovery

    • GlobeImposter

      GlobeImposter is a ransomware first seen in 2017.

      ransomwareglobeimposter

    • Globeimposter family

      globeimposter

    • Renames multiple (6119) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • Drops desktop.ini file(s)

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks