Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

2024-03-09...uk.exe

windows7-x64

1

2024-03-09...uk.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    09/03/2024, 10:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-03-09_f92394da47135bb5f8b6d9c5b6c7d705_ryuk.exe

  • Size

    1.0MB

  • MD5

    f92394da47135bb5f8b6d9c5b6c7d705

  • SHA1

    54346148cc1a0064d1d686876f84dc474806452a

  • SHA256

    e821de5d7f2a2c85d5cdf21488c02078dcc28eafbc60e179feb39d4dd8c7d28a

  • SHA512

    b7cf9f23b342e9b59eeef1ad584fa494bb33bb5e07916b32398440787baf9d9da888331459b5f976be0b1ccd92b2f8226098b30a35a51e87db585d4dba73cf12

  • SSDEEP

    24576:jE3Dks0jz0WEBlHHPhy1hTr21J9gjNOT07VNf07+:joDkr8W0lH5YhH21rgBOT07Hm

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-03-09_f92394da47135bb5f8b6d9c5b6c7d705_ryuk.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-03-09_f92394da47135bb5f8b6d9c5b6c7d705_ryuk.exe"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    PID:2032

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\IPlugSpectFFT\settings.ini
    Filesize

    189B

    MD5

    77fb254fae75edc9775b6061390caa3a

    SHA1

    b0bd7bddfa8e86470e5975c937e888810f9b2a3b

    SHA256

    65fde51ae69a86c0a3b2b2ab6de8bd593386d6b78e27f20d2f11e561e4d11c45

    SHA512

    d169923de03e0cda28562075804165cf654a042df553eb8c3ecbd520001371537f95dc1373a15a875b6b5c88da8ace5012a6b2d287582d3e5e4a64a7c668b16d

    Download Submit