Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

JOYSTICK/X...ME.txt

windows7-x64

1

JOYSTICK/X...ME.txt

windows10-2004-x64

1

JOYSTICK/X...PI.dll

windows7-x64

1

JOYSTICK/X...PI.dll

windows10-2004-x64

1

JOYSTICK/X...PI.dll

windows7-x64

1

JOYSTICK/X...PI.dll

windows10-2004-x64

1

JOYSTICK/X...er.exe

windows7-x64

1

JOYSTICK/X...er.exe

windows10-2004-x64

1

JOYSTICK/X...er.log

windows7-x64

1

JOYSTICK/X...er.log

windows10-2004-x64

1

JOYSTICK/X...us.cat

windows7-x64

8

JOYSTICK/X...us.cat

windows10-2004-x64

8

JOYSTICK/X...us.inf

windows7-x64

1

JOYSTICK/X...us.inf

windows10-2004-x64

1

JOYSTICK/X...us.exe

windows7-x64

JOYSTICK/X...us.exe

windows10-2004-x64

JOYSTICK/X...us.exe

windows7-x64

JOYSTICK/X...us.exe

windows10-2004-x64

JOYSTICK/X...DX.dll

windows7-x64

1

JOYSTICK/X...DX.dll

windows10-2004-x64

1

JOYSTICK/X...ut.exe

windows7-x64

1

JOYSTICK/X...ut.exe

windows10-2004-x64

1

JOYSTICK/desktop.ini

windows7-x64

1

JOYSTICK/desktop.ini

windows10-2004-x64

1

JOYSTICK/x...ce.exe

windows7-x64

7

JOYSTICK/x...ce.exe

windows10-2004-x64

1

JOYSTICK/x...64.exe

windows7-x64

7

JOYSTICK/x...64.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    23/08/2023, 22:07 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    JOYSTICK/desktop.ini

  • Size

    115B

  • MD5

    da134831cc18aeae5af5b2e2a684c367

  • SHA1

    7fba70744166a647250b33386558e5e183fc73b8

  • SHA256

    0e9a37ef6e53135766129379c5ed09a498b2e2d85694dd5f89cdcddee33cb1af

  • SHA512

    5d62c8d33355f749bbbea38ffd6a3cc4e0899a0ce67e56fb0c91016440935991e31c1d77a0265a77e51410eb63347ea3d36e8ba194abf85c7e5abacea82f8e1a

Score
1/10

Malware Config

Signatures

  • Opens file in notepad (likely ransom note) 1 IoCs
    ransomware

Processes

  • C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\JOYSTICK\desktop.ini
    1⤵
    • Opens file in notepad (likely ransom note)
    PID:1936

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.