Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

ShyTechOS-...er.exe

windows7-x64

10

ShyTechOS-...er.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    118s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    20/10/2023, 09:41 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ShyTechOS-installer/ShyTechOS-istaller.exe

  • Size

    1.3MB

  • MD5

    6009d01604c27c4b34f9ce18ff39754f

  • SHA1

    5f7c9fe3352e2f2cd369b3db123eee554ab27787

  • SHA256

    ea0b3888b966aac8ba9ee37a05bca711db7fe23824213c0b101d3fafc4c4cd7f

  • SHA512

    a852dde0502bf15de12ee67b36c5419f51727919d5e56195d72a171afbfbee1dc985ea1a3793f99aff4541c8f302883822c1469fc21736ca58ddf560b2861206

  • SSDEEP

    24576:0TSTiRsBE12BIVpT2QhYpAILUo/g9QZqpMC3QVbIoTdWR8SfEuGujqZF13z8H81:0T7RseZDT2tSbvQsIbe8YVjPH81

Score
10/10
mafiaware666ransomware

Malware Config

Signatures

  • Detect MafiaWare666 ransomware 1 IoCs
  • MafiaWare666 Ransomware

    MafiaWare666 is ransomware written in C# with multiple variants.

    ransomwaremafiaware666
  • Renames multiple (69) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware
  • Drops desktop.ini file(s) 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ShyTechOS-installer\ShyTechOS-istaller.exe
    "C:\Users\Admin\AppData\Local\Temp\ShyTechOS-installer\ShyTechOS-istaller.exe"
    1⤵
    • Drops desktop.ini file(s)
    PID:2240

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2240-0-0x0000000000350000-0x00000000004A2000-memory.dmp

    Filesize

    1.3MB

    Download

  • memory/2240-1-0x0000000074C00000-0x00000000752EE000-memory.dmp

    Filesize

    6.9MB

    Download

  • memory/2240-2-0x0000000000840000-0x0000000000880000-memory.dmp

    Filesize

    256KB

    Download

  • memory/2240-3-0x0000000000840000-0x0000000000880000-memory.dmp

    Filesize

    256KB

    Download

  • memory/2240-13-0x0000000074C00000-0x00000000752EE000-memory.dmp

    Filesize

    6.9MB

    Download

  • memory/2240-15-0x0000000000840000-0x0000000000880000-memory.dmp

    Filesize

    256KB

    Download

  • memory/2240-17-0x0000000000840000-0x0000000000880000-memory.dmp

    Filesize

    256KB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.