95acc4d1a274dd2edf1755278413d6d9e5e6485ade610a571c772e98c0fd30a1

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

DISTRAINT....og.rar

windows7-x64

DISTRAINT....og.rar

windows10-2004-x64

DISTRAINT....13.ini

windows7-x64

DISTRAINT....13.ini

windows10-2004-x64

DISTRAINT....og.url

windows7-x64

DISTRAINT....og.url

windows10-2004-x64

DISTRAINT....32.exe

windows7-x64

DISTRAINT....32.exe

windows10-2004-x64

DISTRAINT....64.exe

windows7-x64

DISTRAINT....64.exe

windows10-2004-x64

DISTRAINT....se.ini

windows7-x64

DISTRAINT....se.ini

windows10-2004-x64

DISTRAINT....sh.ini

windows7-x64

DISTRAINT....sh.ini

windows10-2004-x64

DISTRAINT....ch.ini

windows7-x64

DISTRAINT....ch.ini

windows10-2004-x64

DISTRAINT....an.ini

windows7-x64

DISTRAINT....an.ini

windows10-2004-x64

DISTRAINT....an.ini

windows7-x64

DISTRAINT....an.ini

windows10-2004-x64

DISTRAINT....br.ini

windows7-x64

DISTRAINT....br.ini

windows10-2004-x64

DISTRAINT....an.ini

windows7-x64

DISTRAINT....an.ini

windows10-2004-x64

DISTRAINT....sh.ini

windows7-x64

DISTRAINT....sh.ini

windows10-2004-x64

DISTRAINT....nt.exe

windows7-x64

DISTRAINT....nt.exe

windows10-2004-x64

DISTRAINT....pi.dll

windows7-x64

DISTRAINT....pi.dll

windows10-2004-x64

Analysis

max time kernel
150s
max time network
165s
platform
windows10-2004_x64
resource
win10v2004-20231215-es
resource tags

arch:x64arch:x86image:win10v2004-20231215-eslocale:es-esos:windows10-2004-x64systemwindows
submitted
12/01/2024, 10:11

Sharing

Copy URL

Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

DISTRAINT.v06.12.16-PiviGames.blog.rar

Resource

win7-20231129-es

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

DISTRAINT.v06.12.16-PiviGames.blog.rar

Resource

win10v2004-20231215-es

windows10-2004-x64

6 signatures

150 seconds

Behavioral task

behavioral3

Sample

DISTRAINT.v06.12.16-PiviGames.blog/ALI213.ini

Resource

win7-20231215-es

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral4

Sample

DISTRAINT.v06.12.16-PiviGames.blog/ALI213.ini

Resource

win10v2004-20231215-es

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral5

Sample

DISTRAINT.v06.12.16-PiviGames.blog/DESCARGA JUEGOS GRATIS - PiviGames.blog.url

Resource

win7-20231215-es

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral6

Sample

DISTRAINT.v06.12.16-PiviGames.blog/DESCARGA JUEGOS GRATIS - PiviGames.blog.url

Resource

win10v2004-20231215-es

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

DISTRAINT.v06.12.16-PiviGames.blog/REDIST/VCRedist 2010 x32.exe

Resource

win7-20231215-es

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral8

Sample

DISTRAINT.v06.12.16-PiviGames.blog/REDIST/VCRedist 2010 x32.exe

Resource

win10v2004-20231215-es

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral9

Sample

DISTRAINT.v06.12.16-PiviGames.blog/REDIST/VCRedist 2010 x64.exe

Resource

win7-20231215-es

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral10

Sample

DISTRAINT.v06.12.16-PiviGames.blog/REDIST/VCRedist 2010 x64.exe

Resource

win10v2004-20231215-es

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral11

Sample

DISTRAINT.v06.12.16-PiviGames.blog/dialogue_chinese.ini

Resource

win7-20231129-es

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral12

Sample

DISTRAINT.v06.12.16-PiviGames.blog/dialogue_chinese.ini

Resource

win10v2004-20231222-es

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral13

Sample

DISTRAINT.v06.12.16-PiviGames.blog/dialogue_english.ini

Resource

win7-20231129-es

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral14

Sample

DISTRAINT.v06.12.16-PiviGames.blog/dialogue_english.ini

Resource

win10v2004-20231222-es

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral15

Sample

DISTRAINT.v06.12.16-PiviGames.blog/dialogue_french.ini

Resource

win7-20231215-es

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral16

Sample

DISTRAINT.v06.12.16-PiviGames.blog/dialogue_french.ini

Resource

win10v2004-20231215-es

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral17

Sample

DISTRAINT.v06.12.16-PiviGames.blog/dialogue_german.ini

Resource

win7-20231215-es

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral18

Sample

DISTRAINT.v06.12.16-PiviGames.blog/dialogue_german.ini

Resource

win10v2004-20231215-es

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral19

Sample

DISTRAINT.v06.12.16-PiviGames.blog/dialogue_italian.ini

Resource

win7-20231215-es

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral20

Sample

DISTRAINT.v06.12.16-PiviGames.blog/dialogue_italian.ini

Resource

win10v2004-20231215-es

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral21

Sample

DISTRAINT.v06.12.16-PiviGames.blog/dialogue_portuguese_br.ini

Resource

win7-20231215-es

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral22

Sample

DISTRAINT.v06.12.16-PiviGames.blog/dialogue_portuguese_br.ini

Resource

win10v2004-20231215-es

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral23

Sample

DISTRAINT.v06.12.16-PiviGames.blog/dialogue_russian.ini

Resource

win7-20231215-es

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral24

Sample

DISTRAINT.v06.12.16-PiviGames.blog/dialogue_russian.ini

Resource

win10v2004-20231215-es

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral25

Sample

DISTRAINT.v06.12.16-PiviGames.blog/dialogue_spanish.ini

Resource

win7-20231129-es

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral26

Sample

DISTRAINT.v06.12.16-PiviGames.blog/dialogue_spanish.ini

Resource

win10v2004-20231215-es

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral27

Sample

DISTRAINT.v06.12.16-PiviGames.blog/distraint.exe

Resource

win7-20231129-es

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral28

Sample

DISTRAINT.v06.12.16-PiviGames.blog/distraint.exe

Resource

win10v2004-20231222-es

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral29

Sample

DISTRAINT.v06.12.16-PiviGames.blog/steam_api.dll

Resource

win7-20231215-es

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral30

Sample

DISTRAINT.v06.12.16-PiviGames.blog/steam_api.dll

Resource

win10v2004-20231222-es

windows10-2004-x64

2 signatures

150 seconds

Report Analysis Logs

General

Target

DISTRAINT.v06.12.16-PiviGames.blog/dialogue_italian.ini
Size

78KB
MD5

036f25d54d867580c508b85842a8a907
SHA1

9439e721545532d1e7f6af88e2c0e4a5234b710b
SHA256

0e9037cb644b61e1bb1e5675d5d7688ed23755c8186047b3ac37c995c02a2dd7
SHA512

ca9a9a1ac2c444ab7e5836459fb20b8fc72f22f38c43863c52abedfe6b3fe48ef33a9c33a7d4f6be86b90c910a6500ebe8bd701ba586bd79992a47315a5bc705
SSDEEP

768:+hiia/+QXDcarFLtzIWNivikFW4bjE94M2RCOBrFXTS163P41U5zyZPseru6P7DG:sMTXTFLtzH554COBtSWb5zyjpP72lmDI

Score

1^/10

Malware Config

Signatures

Opens file in notepad (likely ransom note) 1 IoCs

ransomware

pid	Process
2540	NOTEPAD.EXE

Processes

C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\DISTRAINT.v06.12.16-PiviGames.blog\dialogue_italian.ini
1⤵
- Opens file in notepad (likely ransom note)
PID:2540

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads