Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

3

c18371f2bb...0N.exe

windows7-x64

9

c18371f2bb...0N.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    120s
  • max time network
    103s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23/07/2024, 13:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c18371f2bb08464bf4e27a734c5e6db0N.exe

  • Size

    52KB

  • MD5

    c18371f2bb08464bf4e27a734c5e6db0

  • SHA1

    9ee8ae37a7007e6cc7c278e567256e15c58da4b9

  • SHA256

    715a497e37b9e3a40bfe838a0cb6679da87b2d09bbbcaf51b4620c66ac3163d0

  • SHA512

    519fa59f42dcab1ca2ad886fd22f4f4760dace2dcc33e279e733abd796f496da4cdaa9642f56bc7ef5e5b87ad1237cc0959a5466f3b221be439494d4811fedcf

  • SSDEEP

    768:W7BlpppARFbhHFoqAJwBqAJw70EXBwzEXBw7:W7ZppApX

Score
9/10
ransomware

Malware Config

Signatures

  • Renames multiple (4409) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware
  • Drops file in Program Files directory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c18371f2bb08464bf4e27a734c5e6db0N.exe
    "C:\Users\Admin\AppData\Local\Temp\c18371f2bb08464bf4e27a734c5e6db0N.exe"
    1⤵
    • Drops file in Program Files directory
    PID:2972

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\$Recycle.Bin\S-1-5-21-1176886754-713327781-2233697964-1000\desktop.ini.tmp
    Filesize

    52KB

    MD5

    d41a329cfdc2d3c49ad98a7e399d32d4

    SHA1

    b763b36598657301aace6681bd74377029898d38

    SHA256

    cf44f0b38e113416bfbcab2bbd1b58241fedd4cb896d0973e34bde77eefc00e6

    SHA512

    d3cd3a69b8a6697146d7e260882cf9c79bb85a41513eb691f7c1e099ca46767b092aeba470bf527ddeab3150953721f491327266a1b1ecc4f4312cecc07a5434

    Download Submit

  • C:\Program Files\7-Zip\7-zip.dll.tmp
    Filesize

    151KB

    MD5

    1ff180a642d006d9727438c388300c91

    SHA1

    bbc8b53e33f0696899da6e8e176cfd5c70be779c

    SHA256

    d4258cbea86ae3a59f361be3a3084c8fb5ed6ae07496eddcdc2c3250c60c01b9

    SHA512

    896fab356720e4ce5ab9ba84cfd72ece2ed4d2b105f72d9709fa7d38ab5f063fd3a6d8e9fd4dc9aa0159b478ebb3eb7b0309ae2748d9a9c5e1144c4394d7117a

    Download Submit