Analysis

  • max time kernel
    118s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
  • submitted
    18/08/2024, 22:18 UTC

General

  • Target

    resources/app/src/assets/css/index.css

  • Size

    20KB

  • MD5

    9338a403220d934986f5dc738419174d

  • SHA1

    33d0a93608f28900b4771b49d88259b2f70350e7

  • SHA256

    2f281d5eb03f52a46514089fd0b0af408f02613a8fcef8d506dc01f590651d7c

  • SHA512

    cd92d15c6ee9d6d9ed78fa073406462d5f3b33cc9c198a693fa51f53889ba9f5ef2a498ea3f033ef7cad73b1248e4bad9afcad8246f5b98dcde3435399dca508

  • SSDEEP

    192:zIPPOBM/UfNLh38L6wLLd949+cZaxYPrunqm0LJ4nqBDmwsNSflfBWG+ngBmb:UFUf7ML6hPrDz+KfBWtg0

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices (1 TTP)

    Attempts to interact with connected storage/optical drive(s).

  • Opens file in notepad (likely ransom note) (1 IoC)
  • Suspicious use of WriteProcessMemory (3 IoCs)

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\resources\app\src\assets\css\index.css
    • Suspicious use of WriteProcessMemory
    PID:2668
    • C:\Windows\system32\NOTEPAD.EXE
      "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Local\Temp\resources\app\src\assets\css\index.css
      • Opens file in notepad (likely ransom note)
      PID:2644

Network

MITRE ATT&CK Enterprise v15
