General

  • Target

    2025-03-18_7e8bef0e5baa023171cb93339e761b86_ryuk

  • Size

    11.8MB

  • Sample

    250318-b64pfastdv

  • MD5

    7e8bef0e5baa023171cb93339e761b86

  • SHA1

    5c2b59771c1e0af962cd6e44ebd008da53b6823d

  • SHA256

    e19d00767aa93ad6e6de89901fe2a2ad389dd3824036ac9a796fdd50723e0707

  • SHA512

    5837eea02955d99ebcb01fe8fe427985bd45d8088e4c8d02bbc348fa1666b9cbc7c7961cfc313e15ab6b85d824fdd0ea278a8369cb626b2844485412d398d486

  • SSDEEP

    196608:pT0OqTXrTaXPA4pzxw9BK+GIgr9onJ5hrZERpyiU8AdZYJERS48RmU/3ZlsPvar:KTXafVxw9BNPi9c5hlERlAdZYygtN3Z1

Malware Config

Extracted

Path

C:\Users\Admin\Pictures\README.txt

Family

demonware

Ransom Note

Tango Down! Seems like you got hit by DemonWare ransomware! Don't Panic, you get have your files back! DemonWare uses a basic encryption script to lock your files. This type of ransomware is known as CRYPTO. You'll need a decryption key in order to unlock your files. Your files will be deleted when the timer runs out, so you better hurry. You have 10 hours to find your key C'mon, be glad I don't ask for payment like other ransomware. Please visit: https://keys.zeznzo.nl and search for your IP/hostname to get your key. Kind regards, Zeznzo

URLs

https://keys.zeznzo.nl

Targets

    • Target

      2025-03-18_7e8bef0e5baa023171cb93339e761b86_ryuk

    Score
    10/10
