Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

Use_50505_...rd.rar

windows10-2004-x64

Setup.exe

windows10-2004-x64

5

langs/Croatian.ini

windows10-2004-x64

1

langs/Danish.ini

windows10-2004-x64

1

langs/English.ini

windows10-2004-x64

1

langs/Finnish.ini

windows10-2004-x64

1

langs/Hebrew.ini

windows10-2004-x64

1

langs/Hungarian.ps1

windows10-2004-x64

1

langs/Indonesian.ini

windows10-2004-x64

1

langs/Japanese.ini

windows10-2004-x64

1

langs/Kazakh.ini

windows10-2004-x64

1

langs/Korean.ps1

windows10-2004-x64

1

langs/Kurdish.ini

windows10-2004-x64

1

langs/Norwegian.ini

windows10-2004-x64

1

langs/SimpChinese.ini

windows10-2004-x64

1

langs/Sinhala.ini

windows10-2004-x64

1

langs/Slovak.ini

windows10-2004-x64

1

langs/Swedish.ini

windows10-2004-x64

1

langs/Thai.ini

windows10-2004-x64

1

langs/TradChinese.ini

windows10-2004-x64

1

langs/Ukrainian.ini

windows10-2004-x64

1

langs/UyghurLatin.ini

windows10-2004-x64

1

langs/Uzbek.ini

windows10-2004-x64

1

langs/Vietnamese.ini

windows10-2004-x64

1

Analysis

  • max time kernel
    1610s
  • max time network
    1585s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    26/12/2022, 20:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    langs/Uzbek.ini

  • Size

    77KB

  • MD5

    29dc4e77b361bbce2780610edf092861

  • SHA1

    5edc783102a4f213e876d70599e0155387ca7429

  • SHA256

    af11b0cbdcb67ddc024272d45d098cf1da8a21661fe9f6fb7a0239d0c6684531

  • SHA512

    ad87a926748c607773dad37b1a9fcdd47a87dde0defb36aadf6c8b043561e57b5c420e517d7ae3283f098b661c49e5d8a3ae6f3a348824780ef9d5435be828a9

  • SSDEEP

    768:wR2Wh/kX5yUYBW0nbEwiW8S9LZU0xqXKhTVT2EogXcZILi2LAUTVxlWRumLFE0DZ:DcBW0nbEnMUMlWRRr+Wntr

Score
1/10

Malware Config

Signatures

  • Opens file in notepad (likely ransom note) 1 IoCs
    ransomware

Processes

  • C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\langs\Uzbek.ini
    1⤵
    • Opens file in notepad (likely ransom note)
    PID:1460

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads