Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

2025-03-21...uk.exe

windows7-x64

10

2025-03-21...uk.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-03-21_c028d3ef04146cefb5974e9fbf583453_ponmocup_ryuk

  • Size

    12.0MB

  • Sample

    250321-cneg9s1ze1

  • MD5

    c028d3ef04146cefb5974e9fbf583453

  • SHA1

    279d260557282286a9b24c4a6a240d78c9887d5a

  • SHA256

    8126e103f575ebea6964e969f299202616f54efe7cf8a2450d9a9ff2fddd06eb

  • SHA512

    55320a785160263bf2660549a4ee119a9fabc3b2a68d5c27da914b5eda14218c6d8527163553812acf4473bf67b15f46d521864d9c89d9216598c50c883cbb60

  • SSDEEP

    196608:T4pf4Dz52nt/tv1MfHrODpFC4g0AVIGvr8ZJ9BIBxIFO48RmU/3ZlsPvmuR5DTbq:Ml4Dgt/xcKLgtIGWYXIotN3ZWLJzBv

Score
10/10
demonwarepyinstallerransomware

Malware Config

Extracted

Path

C:\Users\Admin\Desktop\README.txt

Family

demonware

Ransom Note
Tango Down! Seems like you got hit by DemonWare ransomware! Don't Panic, you get have your files back! DemonWare uses a basic encryption script to lock your files. This type of ransomware is known as CRYPTO. You'll need a decryption key in order to unlock your files. Your files will be deleted when the timer runs out, so you better hurry. You have 10 hours to find your key C'mon, be glad I don't ask for payment like other ransomware. Please visit: idk and search for your IP/hostname to get your key. Kind regards, no u

Targets

    • Target

      2025-03-21_c028d3ef04146cefb5974e9fbf583453_ponmocup_ryuk

    • Size

      12.0MB

    • MD5

      c028d3ef04146cefb5974e9fbf583453

    • SHA1

      279d260557282286a9b24c4a6a240d78c9887d5a

    • SHA256

      8126e103f575ebea6964e969f299202616f54efe7cf8a2450d9a9ff2fddd06eb

    • SHA512

      55320a785160263bf2660549a4ee119a9fabc3b2a68d5c27da914b5eda14218c6d8527163553812acf4473bf67b15f46d521864d9c89d9216598c50c883cbb60

    • SSDEEP

      196608:T4pf4Dz52nt/tv1MfHrODpFC4g0AVIGvr8ZJ9BIBxIFO48RmU/3ZlsPvmuR5DTbq:Ml4Dgt/xcKLgtIGWYXIotN3ZWLJzBv

    Score
    10/10
    demonwareransomware
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks