Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

5

Static

static

1

Untitled a...22.eml

windows7-x64

5

Untitled a...22.eml

windows10-2004-x64

3

details.txt

windows7-x64

1

details.txt

windows10-2004-x64

1

Resubmissions

28/02/2024, 11:27 UTC

240228-nkybraad39 5

28/02/2024, 11:25 UTC

240228-njrgtaad8v 5

Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28/02/2024, 11:25 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    details.txt

  • Size

    630B

  • MD5

    46632d9b0a9366bc021b1609f32e2190

  • SHA1

    e96a15a887bc1ac98be5470d0092c0764eb939e4

  • SHA256

    0b982cbae3944440140336a03601ed845df8a281ef629ba27ec9da2403390cf9

  • SHA512

    a560305b718582ae0acf678aa4ef1a06c93bfb58f421f5bed919c5f01ebf319bd7b5a0fbcc8dc71d9e3908710e7bd18d20c3add5044535856f0fb8ca30c891c6

Score
1/10

Malware Config

Signatures

  • Opens file in notepad (likely ransom note) 1 IoCs
    ransomware

Processes

  • C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\details.txt
    1⤵
    • Opens file in notepad (likely ransom note)
    PID:1684

Network

  • flag-us
    DNS
    14.160.190.20.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    14.160.190.20.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    9.228.82.20.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    9.228.82.20.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    200.178.17.96.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    200.178.17.96.in-addr.arpa
    IN PTR
    Response
    200.178.17.96.in-addr.arpa
    IN PTR
    a96-17-178-200deploystaticakamaitechnologiescom
  • flag-us
    DNS
    41.110.16.96.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    41.110.16.96.in-addr.arpa
    IN PTR
    Response
    41.110.16.96.in-addr.arpa
    IN PTR
    a96-16-110-41deploystaticakamaitechnologiescom
  • flag-us
    DNS
    26.35.223.20.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    26.35.223.20.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    86.23.85.13.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    86.23.85.13.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    56.126.166.20.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    56.126.166.20.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    217.135.221.88.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    217.135.221.88.in-addr.arpa
    IN PTR
    Response
    217.135.221.88.in-addr.arpa
    IN PTR
    a88-221-135-217deploystaticakamaitechnologiescom
  • flag-us
    DNS
    208.178.17.96.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    208.178.17.96.in-addr.arpa
    IN PTR
    Response
    208.178.17.96.in-addr.arpa
    IN PTR
    a96-17-178-208deploystaticakamaitechnologiescom
No results found
  • 8.8.8.8:53
    14.160.190.20.in-addr.arpa
    dns
    72 B
     158 B
     1
    1

    DNS Request

    14.160.190.20.in-addr.arpa

  • 8.8.8.8:53
    9.228.82.20.in-addr.arpa
    dns
    70 B
     156 B
     1
    1

    DNS Request

    9.228.82.20.in-addr.arpa

  • 8.8.8.8:53
    200.178.17.96.in-addr.arpa
    dns
    72 B
     137 B
     1
    1

    DNS Request

    200.178.17.96.in-addr.arpa

  • 8.8.8.8:53
    41.110.16.96.in-addr.arpa
    dns
    71 B
     135 B
     1
    1

    DNS Request

    41.110.16.96.in-addr.arpa

  • 8.8.8.8:53
    26.35.223.20.in-addr.arpa
    dns
    71 B
     157 B
     1
    1

    DNS Request

    26.35.223.20.in-addr.arpa

  • 8.8.8.8:53
    86.23.85.13.in-addr.arpa
    dns
    70 B
     144 B
     1
    1

    DNS Request

    86.23.85.13.in-addr.arpa

  • 8.8.8.8:53
    56.126.166.20.in-addr.arpa
    dns
    72 B
     158 B
     1
    1

    DNS Request

    56.126.166.20.in-addr.arpa

  • 8.8.8.8:53
    217.135.221.88.in-addr.arpa
    dns
    73 B
     139 B
     1
    1

    DNS Request

    217.135.221.88.in-addr.arpa

  • 8.8.8.8:53
    208.178.17.96.in-addr.arpa
    dns
    72 B
     137 B
     1
    1

    DNS Request

    208.178.17.96.in-addr.arpa

  • 8.8.8.8:53

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.