Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

URLScan

urlscan

https://github.com/k...

windows11-21h2-x64

10

Resubmissions

08/03/2025, 17:11 UTC

250308-vqjtwazwcz 10

02/02/2025, 15:47 UTC

250202-s8dpgazqbp 10

02/02/2025, 15:44 UTC

250202-s6mvcszpel 6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    https://github.com/kh4sh3i/Ransomware-Samples

  • Sample

    250308-vqjtwazwcz

Score
10/10
lockydefense_evasiondiscoveryexecutionransomware

Malware Config

Targets

    • Target

      https://github.com/kh4sh3i/Ransomware-Samples

    Score
    10/10
    lockydefense_evasiondiscoveryexecutionransomware

    • Disables service(s)

      defense_evasionexecution

    • Locky

      Ransomware strain released in 2016, with advanced features like anti-analysis.

      ransomwarelocky

    • Locky family

      locky

    • Drops startup file

    • Executes dropped EXE

    • Command and Scripting Interpreter: PowerShell

      Using powershell.exe command.

      execution

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

      defense_evasion

    • Legitimate hosting services abused for malware hosting/C2

    • Network Service Discovery

      Attempt to gather information on host's network.

      discovery
    behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

1
T1059

PowerShell

1
T1059.001

System Services

1
T1569

Service Execution

1
T1569.002

Persistence

Create or Modify System Process

1
T1543

Windows Service

1
T1543.003

Privilege Escalation

Create or Modify System Process

1
T1543

Windows Service

1
T1543.003

Defense Evasion

Indicator Removal

1
T1070

File Deletion

1
T1070.004

Credential Access

Discovery

Browser Information Discovery

1
T1217

Network Service Discovery

1
T1046

Query Registry

1
T1012

Remote System Discovery

1
T1018

System Information Discovery

1
T1082

System Location Discovery

1
T1614

System Language Discovery

1
T1614.001

System Network Configuration Discovery

1
T1016

Internet Connection Discovery

1
T1016.001

Lateral Movement

Collection

Command and Control

Web Service

1
T1102

Exfiltration

Impact

Service Stop

1
T1489

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.