Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

3

3a7d6b2b3e...79.exe

windows7-x64

9

3a7d6b2b3e...79.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    159s
  • max time network
    169s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    17/05/2024, 20:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3a7d6b2b3e03df3680b7e1018996ab5b3df27391ee1647d1a7559e11179e1979.exe

  • Size

    85KB

  • MD5

    2cd54d55d2afe1b370327d60cb56983f

  • SHA1

    86a55ab349d3fe8cb97488fc681b4be78b94e006

  • SHA256

    3a7d6b2b3e03df3680b7e1018996ab5b3df27391ee1647d1a7559e11179e1979

  • SHA512

    60d0995663f8d725731c06fe39f764608db78d02ae1c41cfde89f48effd46d38993dcade3b9189d8a8f017ca5c64c8145ea4901067ee5ffacdc8796e4c84ddc7

  • SSDEEP

    1536:W7ZhA7pApH1d9oVLQthbqbY9oVLQthbq51Rn6b+W+V76Rbk:6e7WpP9oVLQthbYY9oVLQthbUvD

Score
9/10
ransomware

Malware Config

Signatures

  • Renames multiple (869) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware
  • Drops file in Program Files directory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3a7d6b2b3e03df3680b7e1018996ab5b3df27391ee1647d1a7559e11179e1979.exe
    "C:\Users\Admin\AppData\Local\Temp\3a7d6b2b3e03df3680b7e1018996ab5b3df27391ee1647d1a7559e11179e1979.exe"
    1⤵
    • Drops file in Program Files directory
    PID:4744
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3684 --field-trial-handle=2656,i,16940681401824032220,151921362336696246,262144 --variations-seed-version /prefetch:8
    1⤵
      PID:448

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\$Recycle.Bin\S-1-5-21-3808065738-1666277613-1125846146-1000\desktop.ini.tmp
      Filesize

      85KB

      MD5

      98adf626a2140877e3ed7cf8ea5fa889

      SHA1

      4607f49fd2934925fbc191a06caea74fd03d5d32

      SHA256

      fcbd6724a00cf2c5a8b091201015f11b5dcbd9bc14ff00297251bb80f5c74a5e

      SHA512

      9475a72a1028e0d98f1b94a6203efe8727dd39ad17d89a51998a17fdfa300d8d788defb91611784672f47098c4f3f7dd7639b071e03786f84e78329b45df1e3f

      Download Submit

    • C:\libsmartscreen.dll.tmp
      Filesize

      85KB

      MD5

      6b254a7bb1e9d0680d96d74072bc78bc

      SHA1

      ead9d0a57c3404857635a3ade238791aa7c5602f

      SHA256

      c631f176d03b42dd2faf306eb313ef8a6d33e7951587728b530a63015faa99c9

      SHA512

      2113ff817710b161e26dffbadf5eacc0fb8be8884dd28b2cd0b5c02ae1931b0535b7dc7a5baa85acc03a19586b69bbb0e15bb67bbf322c7c76c59ca924b6e3c6

      Download Submit