Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
154s -
max time network
118s -
platform
windows7_x64 -
resource
win7-en-20211208 -
submitted
01/02/2022, 13:58
General
-
Target
07f0cf878de3df525c97fa894c2165ed502ed5be4714b1ae07a0f48b5bfe16b1.exe
-
Size
1.2MB
-
MD5
744124ba8d0c7469e93dfd513de8e69f
-
SHA1
caf0e85e4574000639f1695e8d5cf4d87e1278f6
-
SHA256
07f0cf878de3df525c97fa894c2165ed502ed5be4714b1ae07a0f48b5bfe16b1
-
SHA512
ce178ab37f4c06088f3a440e359d4d72e5d5719c00d701064409fa1b9cd083d84c42affe87d9f24554e3be42384be189aad5b0f3de3d798ecba22f54f9cb3a45
Score
10/10
Malware Config
Extracted
Path
C:\Users\Public\Desktop\README_LOCKED.txt
Ransom Note
Greetings!
There was a significant flaw in the security system of your company.
You should be thankful that the flaw was exploited by serious people and not some rookies.
They would have damaged all of your data by mistake or for fun.
Your files are encrypted with the strongest military algorithms RSA4096 and AES-256.
Without our special decoder it is impossible to restore the data.
Attempts to restore your data with third party software as Photorec, RannohDecryptor etc.
will lead to irreversible destruction of your data.
To confirm our honest intentions.
Send us 2-3 different random files and you will get them decrypted.
It can be from different computers on your network to be sure that our decoder decrypts everything.
Sample files we unlock for free (files should not be related to any kind of backups).
We exclusively have decryption software for your situation
DO NOT RESET OR SHUTDOWN - files may be damaged.
DO NOT RENAME the encrypted files.
DO NOT MOVE the encrypted files.
This may lead to the impossibility of recovery of the certain files.
The payment has to be made in Bitcoins.
The final price depends on how fast you contact us.
As soon as we receive the payment you will get the decryption tool and
instructions on how to improve your systems security
To get information on the price of the decoder contact us at:
[email protected]
[email protected]
Signatures
-
LockerGoga
LockerGoga is a ransomware that is primarily used in targeted, disruptive attacks.
-
Drops desktop.ini file(s) 6 IoCs
-
Drops file in Program Files directory 64 IoCs
-
Runs net.exe
-
Suspicious behavior: EnumeratesProcesses 64 IoCs
-
Suspicious behavior: RenamesItself 1 IoCs
-
Suspicious use of AdjustPrivilegeToken 64 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\07f0cf878de3df525c97fa894c2165ed502ed5be4714b1ae07a0f48b5bfe16b1.exe"C:\Users\Admin\AppData\Local\Temp\07f0cf878de3df525c97fa894c2165ed502ed5be4714b1ae07a0f48b5bfe16b1.exe"1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c move /y C:\Users\Admin\AppData\Local\Temp\07f0cf878de3df525c97fa894c2165ed502ed5be4714b1ae07a0f48b5bfe16b1.exe C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe2⤵
- Suspicious behavior: RenamesItself
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -m2⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
-
C:\Windows\system32\logoff.exeC:\Windows\system32\logoff.exe 03⤵
-
-
C:\Windows\system32\logoff.exeC:\Windows\system32\logoff.exe 03⤵
-
-
C:\Windows\system32\logoff.exeC:\Windows\system32\logoff.exe 03⤵
-
-
C:\Windows\system32\logoff.exeC:\Windows\system32\logoff.exe 03⤵
-
-
C:\Windows\system32\logoff.exeC:\Windows\system32\logoff.exe 03⤵
-
-
C:\Windows\system32\net.exeC:\Windows\system32\net.exe user Admin HuHuHUHoHo283283@dJD3⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 user Admin HuHuHUHoHo283283@dJD4⤵
-
-
-
C:\Windows\system32\net.exeC:\Windows\system32\net.exe user Administrator HuHuHUHoHo283283@dJD3⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\system32\net1.exeC:\Windows\system32\net1 user Administrator HuHuHUHoHo283283@dJD4⤵
-
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Drops file in Program Files directory
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Suspicious use of AdjustPrivilegeToken
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Drops file in Program Files directory
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Drops file in Program Files directory
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Drops file in Program Files directory
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Drops file in Program Files directory
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Drops file in Program Files directory
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Drops file in Program Files directory
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Drops file in Program Files directory
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Drops file in Program Files directory
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Drops file in Program Files directory
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Drops file in Program Files directory
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Drops file in Program Files directory
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Drops file in Program Files directory
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Drops desktop.ini file(s)
- Drops file in Program Files directory
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Drops file in Program Files directory
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Drops desktop.ini file(s)
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Drops file in Program Files directory
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Drops file in Program Files directory
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Drops desktop.ini file(s)
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Drops desktop.ini file(s)
- Drops file in Program Files directory
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Drops file in Program Files directory
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Drops file in Program Files directory
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Drops file in Program Files directory
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Drops file in Program Files directory
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Drops desktop.ini file(s)
- Drops file in Program Files directory
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Drops desktop.ini file(s)
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Drops file in Program Files directory
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Drops file in Program Files directory
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Drops file in Program Files directory
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Drops file in Program Files directory
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Drops file in Program Files directory
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Drops file in Program Files directory
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Drops file in Program Files directory
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Drops file in Program Files directory
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Drops file in Program Files directory
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Drops file in Program Files directory
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Drops file in Program Files directory
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Drops file in Program Files directory
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Drops file in Program Files directory
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Drops file in Program Files directory
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Drops file in Program Files directory
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Drops file in Program Files directory
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Drops file in Program Files directory
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Drops file in Program Files directory
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Drops file in Program Files directory
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
- Drops file in Program Files directory
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
-
-
C:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exeC:\Users\Admin\AppData\Local\Temp\tgytutrc9933.exe -i SM-tgytutrc -s3⤵
-
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
8KB