Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

7

4accd58304...0N.exe

windows7-x64

9

4accd58304...0N.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    120s
  • max time network
    19s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    22/07/2024, 02:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4accd58304ae30fe1cc06cb4b2e35f60N.exe

  • Size

    70KB

  • MD5

    4accd58304ae30fe1cc06cb4b2e35f60

  • SHA1

    7a23233ab0f6b8ab1024eb78e96d1fc7f4b48bdf

  • SHA256

    6a3db19b2054ab1b7fc42990bb33b9d0567e3be0f99dae1309d401b68b612f61

  • SHA512

    e0fd873a9f457f30c40b3afe2f92b73c9b0462155140aba33976662bc32147a797f17063986f20b531650d12b8789d872258c17708454a950591119fee37a75e

  • SSDEEP

    1536:V7Zf/FAxTWY1++PJHJXA/OsIZfzc3/Q8zxH:fnyiQSoy

Score
9/10
ransomwareupx

Malware Config

Signatures

  • Renames multiple (339) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware
  • UPX packed file 4 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Drops file in Program Files directory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\4accd58304ae30fe1cc06cb4b2e35f60N.exe
    "C:\Users\Admin\AppData\Local\Temp\4accd58304ae30fe1cc06cb4b2e35f60N.exe"
    1⤵
    • Drops file in Program Files directory
    PID:1612

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\$Recycle.Bin\S-1-5-21-2212144002-1172735686-1556890956-1000\desktop.ini.tmp
    Filesize

    70KB

    MD5

    2370fbb5ef3e13ab72da257870fb4f15

    SHA1

    ad850b4502c8481fb2de228a7120f067dfa75e2c

    SHA256

    1da532f86597754cf46b7fe59df148e910458537a58560a052fb545d62220bf2

    SHA512

    13722ee48dd4fa3928141cccd8573debac355a6cc4277cfb17a002012855acecd36c522c5078214181a0293041b3c9c166a35cbae8be7bc78b027af1b7d7542f

    Download Submit

  • C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp
    Filesize

    79KB

    MD5

    48657361317d1268fc87b536ccbb7b39

    SHA1

    8f5b81df545b5cd9114a5a1d0a8657a279fea5bb

    SHA256

    df2713f155fc4ce7dad43eae0faddef63c293bbd504db0905fbd51be6b3438b0

    SHA512

    d96ae349411dd7dfd4d416d25212c7969dbbcb13cd9d694cf1979c6ca1d334d77364995cc6e0e8fb8169db1cb67fa26de35e591dd656bab064922ba7d75d016a

    Download Submit

  • memory/1612-0-0x0000000000400000-0x000000000040B000-memory.dmp

    Filesize

    44KB

    Download

  • memory/1612-70-0x0000000000400000-0x000000000040B000-memory.dmp

    Filesize

    44KB

    Download