Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

4

RevoUninst...nt.txt

windows10-2004-x64

4

RevoUninst...lp.pdf

windows10-2004-x64

3

RevoUninst...rt.exe

windows10-2004-x64

3

RevoUninst...rs.dat

windows10-2004-x64

3

RevoUninst...ch.ini

windows10-2004-x64

1

RevoUninst...sh.ini

windows10-2004-x64

1

RevoUninst...gs.ini

windows10-2004-x64

1

RevoUninst...rt.dat

windows10-2004-x64

3

RevoUninst...Un.exe

windows10-2004-x64

6

RevoUninst...on.bmp

windows10-2004-x64

7

RevoUninst...Un.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    95s
  • max time network
    146s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06/08/2024, 13:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    RevoUninstaller_Portable/lang/czech.ini

  • Size

    98KB

  • MD5

    edf65aa9e3901e57e6290c53d9b18f19

  • SHA1

    c22a962518f577f96d187831c4009d807f5f8b6d

  • SHA256

    aa6b1d30a2adc755a44122aca13c7ca56c740c6e69f9b799ea6fd5ca7109dc4e

  • SHA512

    0be4b66e464ccc6108df33156eef18e473424e8ebe832060321dea50be93e2a8e1aa81801ab44d545e24654cb112abf302d983345936dc2e8a73b0abbd4a9505

  • SSDEEP

    768:Qo4WsLv7IW5d2Up6zgnwnDLJ7u32oKmbcEUE6KkAcsl5V9nOlIjVM2bhTRvwLaJO:Wv7YC5V5xjVM2bhtvwicvgU/WdEc0Km

Score
1/10

Malware Config

Signatures

  • Opens file in notepad (likely ransom note) 1 IoCs
    ransomware

Processes

  • C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\RevoUninstaller_Portable\lang\czech.ini
    1⤵
    • Opens file in notepad (likely ransom note)
    PID:3344

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads