Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

3

c18371f2bb...0N.exe

windows7-x64

9

c18371f2bb...0N.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    119s
  • max time network
    16s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    23/07/2024, 13:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c18371f2bb08464bf4e27a734c5e6db0N.exe

  • Size

    52KB

  • MD5

    c18371f2bb08464bf4e27a734c5e6db0

  • SHA1

    9ee8ae37a7007e6cc7c278e567256e15c58da4b9

  • SHA256

    715a497e37b9e3a40bfe838a0cb6679da87b2d09bbbcaf51b4620c66ac3163d0

  • SHA512

    519fa59f42dcab1ca2ad886fd22f4f4760dace2dcc33e279e733abd796f496da4cdaa9642f56bc7ef5e5b87ad1237cc0959a5466f3b221be439494d4811fedcf

  • SSDEEP

    768:W7BlpppARFbhHFoqAJwBqAJw70EXBwzEXBw7:W7ZppApX

Score
9/10
ransomware

Malware Config

Signatures

  • Renames multiple (3260) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware
  • Drops file in Program Files directory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c18371f2bb08464bf4e27a734c5e6db0N.exe
    "C:\Users\Admin\AppData\Local\Temp\c18371f2bb08464bf4e27a734c5e6db0N.exe"
    1⤵
    • Drops file in Program Files directory
    PID:3020

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\$Recycle.Bin\S-1-5-21-3294248377-1418901787-4083263181-1000\desktop.ini.tmp
    Filesize

    52KB

    MD5

    59c438fcc846446efd9999a132cf7d3d

    SHA1

    f5520c4aeb3eff17ba1e99aafb5977dea74896f3

    SHA256

    06c6dbed372c0f2fd49feb5b9475948701019418a7fd2628525555f73ecb3b6f

    SHA512

    8f845fc285c79f4cc016cf31e720761ab8f16e39141530bf3b06465ecdbe1b44300a18da02ab8de237ea5a27f8d9b8a1a0bb9c7c43f5b356b67f3c53c565b8d5

    Download Submit

  • C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp
    Filesize

    61KB

    MD5

    f10c19d79bb36ff9e423ef1f3a64c5ef

    SHA1

    6b5ce0a7a4cbc6f4fd2b359f0a9f68b2f330912b

    SHA256

    f02352ce3d1929f0ea5eb5e5faa68bbf77c5a5ece31d930170e5d304bbbdde02

    SHA512

    2bce18487d0e2e0b987fc2a75d76d0897490bdb61c0add5e95f53a2c96bd966327212677c1f746c25650869ef55f9b81c4c8a8171b9c256a39da0bf61138d657

    Download Submit