Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

winprofile

windows7-x64

10

winprofile

windows10-1703-x64

10

Analysis

  • max time kernel
    168s
  • max time network
    276s
  • platform
    windows10-1703_x64
  • resource
    win10-20230915-en
  • resource tags

    arch:x64arch:x86image:win10-20230915-enlocale:en-usos:windows10-1703-x64system
  • submitted
    12/10/2023, 04:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4696c184f85e19c86dff4288c45cee1888844eee62b8b47282b51b04c54c8d9f.exe

  • Size

    724KB

  • MD5

    8a7e13f5bd9ce1ec7e4f2d62f179a957

  • SHA1

    831e71118b0f6bad92314bbf232393c9f26069d2

  • SHA256

    4696c184f85e19c86dff4288c45cee1888844eee62b8b47282b51b04c54c8d9f

  • SHA512

    8d820a83d7a8448a2aa59166d1e9c77dfb58a154c6f04d0e9f538e7cdd35bca86084e9de15f1131a6565225eafdd99d8cf1b306c42ffc1347ce3b18491964dcc

  • SSDEEP

    12288:36AFLRO/PA+fWKdliIGJ73V534jeABaPT9DBTt7ArtEkquhg13WVQmfjmkHfw+b:KA9RO/PU2AJ7VR/YarTRktETSQgCk/w+

Score
10/10
djvuransomware

Malware Config

Signatures

  • Detected Djvu ransomware 1 IoCs
  • Djvu Ransomware

    Ransomware which is a variant of the STOP family.

    ransomwaredjvu

Processes

  • C:\Users\Admin\AppData\Local\Temp\4696c184f85e19c86dff4288c45cee1888844eee62b8b47282b51b04c54c8d9f.exe
    "C:\Users\Admin\AppData\Local\Temp\4696c184f85e19c86dff4288c45cee1888844eee62b8b47282b51b04c54c8d9f.exe"
    1⤵
      PID:2660

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2660-1-0x0000000002220000-0x00000000022B7000-memory.dmp

      Filesize

      604KB

      Download

    • memory/2660-2-0x00000000023C0000-0x00000000024DB000-memory.dmp

      Filesize

      1.1MB

      Download

    • memory/2660-3-0x0000000002220000-0x00000000022B7000-memory.dmp

      Filesize

      604KB

      Download