Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
150s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240220-en -
resource tags
arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system -
submitted
03/06/2024, 01:37
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe
Resource
win7-20240220-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe
Resource
win10v2004-20240508-en
windows10-2004-x64
2 signatures
150 seconds
General
-
Target
9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe
-
Size
69KB
-
MD5
a26c70bc2c4478f74e2be50f5be4c182
-
SHA1
9b889272dac81093fa29762ecc4c4a24faf3783d
-
SHA256
9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0
-
SHA512
beba857b473355b910b258e3b5181ff43ac403536126f3450ca70752c2718885a23c57a06b640128101fbd653402afd126e47cccb935e802d3700cff7612a413
-
SSDEEP
1536:W7ZhA7pApvOsOKjC0YSilpFpfkJOMETHeR:6e7WpXYvnK
Score
9/10
Malware Config
Signatures
-
Renames multiple (3533) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Drops file in Program Files directory 64 IoCs
description ioc Process File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Petersburg.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt.win32.win32.x86_64.nl_ja_4.4.0.v20140623020002.jar.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\Java\jre7\lib\zi\Asia\Macau.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\VideoLAN\VLC\lua\http\requests\status.xml.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\VideoLAN\VLC\plugins\demux\libps_plugin.dll.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\Common Files\System\msadc\handsafe.reg.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\mc.jar.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libaudio_format_plugin.dll.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\Windows Journal\es-ES\Journal.exe.mui.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\Windows Media Player\fr-FR\wmlaunch.exe.mui.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationUp_ButtonGraphic.png.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.ServiceModel.dll.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\Common Files\System\msadc\en-US\msadcor.dll.mui.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.nl_ja_4.4.0.v20140623020002.jar.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-oql.xml.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\VideoLAN\VLC\plugins\visualization\libvisual_plugin.dll.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\spacer_highlights.png.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\6.png.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\bandwidth.png.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.net.win32.x86_64.nl_zh_4.4.0.v20140623020002.jar.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-keyring-fallback.jar.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-selector-ui.xml.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\Microsoft Games\Mahjong\MahjongMCE.png.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_snow.png.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\Common Files\System\msadc\es-ES\msadcfr.dll.mui.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Bissau.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\epl-v10.html.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\Java\jre7\lib\accessibility.properties.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\Java\jre7\lib\zi\America\North_Dakota\Beulah.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\VideoLAN\VLC\plugins\access\libnfs_plugin.dll.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\7-Zip\Lang\pa-in.txt.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Jamaica.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\epl-v10.html.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.greychart.ui.ja_5.5.0.165303.jar.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.text.nl_ja_4.4.0.v20140623020002.jar.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core.xml.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationLeft_SelectionSubpicture.png.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\content-background.png.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-12.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\Microsoft Games\Minesweeper\MineSweeper.exe.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\Windows Journal\en-US\PDIALOG.exe.mui.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\es-ES\clock.html.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\de-DE\css\flyout.css.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\PreviousMenuButtonIcon.png.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\am.pak.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\bin\server\classes.jsa.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\javax.inject_1.0.0.v20091030.jar.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\Java\jre7\lib\zi\Pacific\Midway.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\VideoLAN\VLC\plugins\misc\libaudioscrobbler_plugin.dll.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_bottom_right.png.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\bin\javaw.exe.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Novosibirsk.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\rightnav.gif.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\Java\jre7\bin\splashscreen.dll.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\de\System.ServiceModel.Resources.dll.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\es-ES\picturePuzzle.html.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\es-ES\js\settings.js.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOInstaller.config.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\Internet Explorer\IEShims.dll.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\bin\dcpr.dll.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\Java\jre7\lib\zi\America\Noronha.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\Java\jre7\lib\zi\America\Thule.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe File created C:\Program Files\7-Zip\Lang\sq.txt.tmp 9eb3fa5e018d4f191d2edaa05c6afe841e115c8bbfa423e0722f4ee07bcfebc0.exe
Processes
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
70KB
MD58ebf16989b289e69e1ee14b8b727dbda
SHA1a3a033971f43e608fc5c477c05033a50493045ca
SHA2560d3d5f5cdd665978fdcaed72a31b2de60cef702c16933d75fafa6c36f085f0bc
SHA512bc6615589d45964b6aed134baddf990ccd1576006e507b9ac34c2ca4b9be965d5b5512e07d01873f05a252d89b51a996f4f6847ee0cfebf2b60f415ddb26b6a5
-
Filesize
79KB
MD55806be5599806b226ed642d23ee0bae0
SHA17bbc522a4826a8eb0cf44f032f56ba689ba99022
SHA2563fe728776a71742bf05992da8ab4548409e915d4117d9218f5eb6a9acb5db9c2
SHA51257ae84fe8c4551176540dc0f608ff3fe249e9ba701009fe244cafeb400ed85220526be5d31329652a53c8b08d8b8cb6cabf299d70196ce2eb92364dca6e6dd19