Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
95s -
max time network
142s -
platform
windows10-2004_x64 -
resource
win10v2004-20220812-en -
resource tags
-
submitted
14/09/2022, 07:09
General
-
Target
Ažuriranje_transakcije.iso
-
Size
1.2MB
-
MD5
2775cf71cabb89e2befce8e9553b5cd5
-
SHA1
6184e34d22794abcf70a8a2319a4abccfd8986e2
-
SHA256
f22d1ad6c3389e91374dc113c008381fd66e5b1303815a10860a750204e14b19
-
SHA512
682ca968874d8feeee272ee5e81932d040d2bcdf2c7e25b3ec64c990192919473afd5c69be371dda353cf2e3a7d402302c207093c122945f43835dad1eb85e65
-
SSDEEP
6144:ZUj/w6e6+p2897x6q+EYzYXMbKQ9vgdPED60JFtHYh2KOWZ5N:ZqVe6s9FP+aXMezEVTYh2KVZ
Score
3/10
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
-
Modifies registry class 1 IoCs
-
Suspicious use of AdjustPrivilegeToken 2 IoCs
Processes
-
C:\Windows\system32\cmd.execmd /c C:\Users\Admin\AppData\Local\Temp\Ažuriranje_transakcije.iso1⤵
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken