Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Overview
overview
10Static
static
10Ransomware...KB.exe
windows10-ltsc_2021-x64
7Ransomware...KB.exe
windows7-x64
10Ransomware...KB.exe
windows10-2004-x64
7Ransomware...KB.exe
windows10-ltsc_2021-x64
7Ransomware...KB.exe
windows11-21h2-x64
7Ransomware...KB.exe
windows10-ltsc_2021-x64
10Ransomware...KB.exe
windows7-x64
10Ransomware...KB.exe
windows10-2004-x64
10Ransomware...KB.exe
windows10-ltsc_2021-x64
10Ransomware...KB.exe
windows11-21h2-x64
10Ransomware...KB.exe
windows7-x64
10Ransomware...KB.exe
windows7-x64
10Ransomware...KB.exe
windows10-2004-x64
10Ransomware...KB.exe
windows10-ltsc_2021-x64
10Ransomware...KB.exe
windows11-21h2-x64
10Ransomware...KB.exe
windows10-2004-x64
9Ransomware...KB.exe
windows7-x64
9Ransomware...KB.exe
windows10-2004-x64
9Ransomware...KB.exe
windows10-ltsc_2021-x64
9Ransomware...KB.exe
windows11-21h2-x64
9Ransomware...KB.exe
windows11-21h2-x64
9Ransomware...KB.exe
windows7-x64
9Ransomware...KB.exe
windows10-2004-x64
9Ransomware...KB.exe
windows10-ltsc_2021-x64
9Ransomware...KB.exe
windows11-21h2-x64
9Ransomware...KB.ps1
windows11-21h2-x64
10Ransomware...KB.ps1
windows7-x64
10Ransomware...KB.ps1
windows10-2004-x64
10Ransomware...KB.ps1
windows10-ltsc_2021-x64
10Ransomware...KB.ps1
windows11-21h2-x64
10Resubmissions
25/03/2025, 15:11
250325-skmbpsxzaw 1025/03/2025, 15:06
250325-sg1d6a1px2 1025/03/2025, 15:01
250325-sd5jpsxyct 1025/03/2025, 14:56
250325-sbdcfaxxgs 1025/03/2025, 14:50
250325-r7ve6a1nv3 1025/03/2025, 14:46
250325-r5ab7sxwhx 1025/03/2025, 14:40
250325-r2c9paxwe1 1005/02/2025, 10:25
250205-mgcefaslhw 1005/02/2025, 10:17
250205-mbs51atmbk 1005/02/2025, 09:15
250205-k785zs1pfn 10Analysis
-
max time kernel
103s -
max time network
105s -
platform
windows10-ltsc_2021_x64 -
resource
win10ltsc2021-20250314-en -
resource tags
arch:x64arch:x86image:win10ltsc2021-20250314-enlocale:en-usos:windows10-ltsc_2021-x64system -
submitted
25/03/2025, 14:56
Static task
static1
Behavioral task
behavioral1
Sample
RansomwareSamples/MAKOP_27_10_2020_115KB.exe
Resource
win10ltsc2021-20250314-en
Behavioral task
behavioral2
Sample
RansomwareSamples/MAKOP_27_10_2020_115KB.exe
Resource
win7-20241010-en
Behavioral task
behavioral3
Sample
RansomwareSamples/MAKOP_27_10_2020_115KB.exe
Resource
win10v2004-20250314-en
Behavioral task
behavioral4
Sample
RansomwareSamples/MAKOP_27_10_2020_115KB.exe
Resource
win10ltsc2021-20250314-en
Behavioral task
behavioral5
Sample
RansomwareSamples/MAKOP_27_10_2020_115KB.exe
Resource
win11-20250313-en
Behavioral task
behavioral6
Sample
RansomwareSamples/MedusaLocker_24_04_2020_661KB.exe
Resource
win10ltsc2021-20250314-en
Behavioral task
behavioral7
Sample
RansomwareSamples/MedusaLocker_24_04_2020_661KB.exe
Resource
win7-20240903-en
Behavioral task
behavioral8
Sample
RansomwareSamples/MedusaLocker_24_04_2020_661KB.exe
Resource
win10v2004-20250314-en
Behavioral task
behavioral9
Sample
RansomwareSamples/MedusaLocker_24_04_2020_661KB.exe
Resource
win10ltsc2021-20250314-en
Behavioral task
behavioral10
Sample
RansomwareSamples/MedusaLocker_24_04_2020_661KB.exe
Resource
win11-20250313-en
Behavioral task
behavioral11
Sample
RansomwareSamples/MountLocker_20_11_2020_200KB.exe
Resource
win7-20241010-en
Behavioral task
behavioral12
Sample
RansomwareSamples/MountLocker_20_11_2020_200KB.exe
Resource
win7-20250207-en
Behavioral task
behavioral13
Sample
RansomwareSamples/MountLocker_20_11_2020_200KB.exe
Resource
win10v2004-20250314-en
Behavioral task
behavioral14
Sample
RansomwareSamples/MountLocker_20_11_2020_200KB.exe
Resource
win10ltsc2021-20250314-en
Behavioral task
behavioral15
Sample
RansomwareSamples/MountLocker_20_11_2020_200KB.exe
Resource
win11-20250313-en
Behavioral task
behavioral16
Sample
RansomwareSamples/Nefilim_31_08_2020_3061KB.exe
Resource
win10v2004-20250314-en
Behavioral task
behavioral17
Sample
RansomwareSamples/Nefilim_31_08_2020_3061KB.exe
Resource
win7-20240903-en
Behavioral task
behavioral18
Sample
RansomwareSamples/Nefilim_31_08_2020_3061KB.exe
Resource
win10v2004-20250314-en
Behavioral task
behavioral19
Sample
RansomwareSamples/Nefilim_31_08_2020_3061KB.exe
Resource
win10ltsc2021-20250314-en
Behavioral task
behavioral20
Sample
RansomwareSamples/Nefilim_31_08_2020_3061KB.exe
Resource
win11-20250313-en
Behavioral task
behavioral21
Sample
RansomwareSamples/Nemty_03_02_2021_124KB.exe
Resource
win11-20250314-en
Behavioral task
behavioral22
Sample
RansomwareSamples/Nemty_03_02_2021_124KB.exe
Resource
win7-20241023-en
Behavioral task
behavioral23
Sample
RansomwareSamples/Nemty_03_02_2021_124KB.exe
Resource
win10v2004-20250314-en
Behavioral task
behavioral24
Sample
RansomwareSamples/Nemty_03_02_2021_124KB.exe
Resource
win10ltsc2021-20250314-en
Behavioral task
behavioral25
Sample
RansomwareSamples/Nemty_03_02_2021_124KB.exe
Resource
win11-20250313-en
Behavioral task
behavioral26
Sample
RansomwareSamples/NetWalker_19_10_2020_903KB.ps1
Resource
win11-20250313-en
Behavioral task
behavioral27
Sample
RansomwareSamples/NetWalker_19_10_2020_903KB.ps1
Resource
win7-20241010-en
Behavioral task
behavioral28
Sample
RansomwareSamples/NetWalker_19_10_2020_903KB.ps1
Resource
win10v2004-20250314-en
Behavioral task
behavioral29
Sample
RansomwareSamples/NetWalker_19_10_2020_903KB.ps1
Resource
win10ltsc2021-20250314-en
Behavioral task
behavioral30
Sample
RansomwareSamples/NetWalker_19_10_2020_903KB.ps1
Resource
win11-20250313-en
General
-
Target
RansomwareSamples/Nefilim_31_08_2020_3061KB.exe
-
Size
3.0MB
-
MD5
cd7b5d2391af7cc10f5ab11f2baef503
-
SHA1
c735ff582ab489f13cfc76ee744e52b868012e2e
-
SHA256
0bafde9b22d7147de8fdb852bcd529b1730acddc9eb71316b66c180106f777f5
-
SHA512
b01c843c9a7c154ab592b667fe66b49123bfc2218904391600c1d17623b91c4e83eb6049aba01813586251596d999cce953ca689957390e658ee306a9859adca
-
SSDEEP
24576:YOXKA8qDbjm8N3CNWYqdQCVzCYXjG9xLAW0bUXo2xdQS3aVOqL1UrSlcbHLWcR4+:tXKOm8mkdHJC0jG9xE9gdQS3aLibLw
Malware Config
Signatures
-
Renames multiple (136) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
Processes
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
1KB
MD526024bfff1079296a378717d3d1cb7b0
SHA126dd37b88849066fb84c3a46401fd754972f9e2f
SHA256b777912f6a8177b2c58cb448da68c0eb6b2d6ab30dcc3ea0ca7e5895f40d7887
SHA51269ca9d20b9322f772caf9698f2bd42cd1451369c2692042e9003a4c57b60708d385e59f6e17fe11f33b52eba48f1f96b3b84f9458c9df27b9707c76981432f84