Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

1

7.5 - @LOG...#4.rar

windows10-1703-x64

6

BR_128.201...st.txt

windows10-1703-x64

1

BR_128.201...lt.txt

windows10-1703-x64

1

BR_128.201...lt.txt

windows10-1703-x64

1

BR_128.201...fo.txt

windows10-1703-x64

1

BR_128.201...lt.txt

windows10-1703-x64

1

BR_128.201... 1.txt

windows10-1703-x64

1

BR_128.201...st.txt

windows10-1703-x64

1

BR_128.201...lt.txt

windows10-1703-x64

1

BR_128.201... 1.txt

windows10-1703-x64

1

BR_128.201... 2.txt

windows10-1703-x64

1

BR_128.201... 3.txt

windows10-1703-x64

1

BR_128.201... 4.txt

windows10-1703-x64

1

BR_128.201... 6.txt

windows10-1703-x64

1

BR_128.201...lt.txt

windows10-1703-x64

1

BR_128.201... 1.txt

windows10-1703-x64

1

BR_128.201... 2.txt

windows10-1703-x64

1

BR_128.201... 3.txt

windows10-1703-x64

1

BR_128.201... 4.txt

windows10-1703-x64

1

BR_128.201...fo.txt

windows10-1703-x64

1

BR_128.201...lt.txt

windows10-1703-x64

1

BR_128.201... 1.txt

windows10-1703-x64

1

BR_128.201...lt.txt

windows10-1703-x64

1

BR_128.201...lt.txt

windows10-1703-x64

1

BR_128.201...st.txt

windows10-1703-x64

1

BR_128.201...lt.txt

windows10-1703-x64

1

BR_128.201... 1.txt

windows10-1703-x64

1

BR_128.201... 2.txt

windows10-1703-x64

1

BR_128.201... 3.txt

windows10-1703-x64

1

BR_128.201...lt.txt

windows10-1703-x64

1

BR_128.201...le.txt

windows10-1703-x64

1

BR_128.201... 1.txt

windows10-1703-x64

1

Analysis

  • max time kernel
    103s
  • max time network
    181s
  • platform
    windows10-1703_x64
  • resource
    win10-20230703-en
  • resource tags

    arch:x64arch:x86image:win10-20230703-enlocale:en-usos:windows10-1703-x64system
  • submitted
    19/07/2023, 08:47 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    BR_128.201.41.41_2023_06_22_23_48_50/history/Google Chrome_Default.txt

  • Size

    2KB

  • MD5

    680b3ca8582fa77239f8fbf2f1752f16

  • SHA1

    d31f63a5025c7e2c2cee50e6bee93242c8bfd857

  • SHA256

    89473e4cafebdf809ba636f6490ee052717062ad9dc9fa10a69d0585552e455f

  • SHA512

    44548ec5c7f6846796db1ee1ecf1d33e6ad4eabb55da88680dba6490891c32adbbff656f22a24f2eb428db3f8d18ef03f228122eac0b2726d4a02dd9b6c4787f

Score
1/10

Malware Config

Signatures

  • Opens file in notepad (likely ransom note) 1 IoCs
    ransomware

Processes

  • C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\NOTEPAD.EXE "C:\Users\Admin\AppData\Local\Temp\BR_128.201.41.41_2023_06_22_23_48_50\history\Google Chrome_Default.txt"
    1⤵
    • Opens file in notepad (likely ransom note)
    PID:1488

Network

  • flag-us
    DNS
    9.57.101.20.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    9.57.101.20.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    209.143.182.52.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    209.143.182.52.in-addr.arpa
    IN PTR
    Response
No results found
  • 8.8.8.8:53
    9.57.101.20.in-addr.arpa
    dns
    70 B
     156 B
     1
    1

    DNS Request

    9.57.101.20.in-addr.arpa

  • 8.8.8.8:53
    209.143.182.52.in-addr.arpa
    dns
    73 B
     147 B
     1
    1

    DNS Request

    209.143.182.52.in-addr.arpa

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.