Analysis

  • max time kernel
    148s
  • max time network
    150s
  • platform
    windows10_x64
  • resource
    win10v200430
  • submitted
    07/07/2020, 06:47 UTC

General

  • Target

    edcf2ab0937689a7e0475395a8654f874e413649ee63100e61c4d1a8c09ba681.exe

  • Size

    50KB

  • MD5

    dc7364b3378a9faadd3740fee4ead768

  • SHA1

    50e788ab20062ee1b4d529d64feb94be6a2b3b34

  • SHA256

    edcf2ab0937689a7e0475395a8654f874e413649ee63100e61c4d1a8c09ba681

  • SHA512

    034fade533db4318dd976bd852e157cea3b59b78312afe6deac83b3900870cfd4eb247b6fef60827297d268afe28278b000521d4b7d367a706e047c94eead267

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\edcf2ab0937689a7e0475395a8654f874e413649ee63100e61c4d1a8c09ba681.exe
    "C:\Users\Admin\AppData\Local\Temp\edcf2ab0937689a7e0475395a8654f874e413649ee63100e61c4d1a8c09ba681.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:2804

Network

  • flag-unknown
    DNS
    supertop.duckdns.org
    Remote address:
    8.8.8.8:53
    Request
    supertop.duckdns.org
    IN A
    Response
    supertop.duckdns.org
    IN A
    141.255.147.11
  • flag-unknown
    DNS
    dns.msftncsi.com
    Remote address:
    8.8.8.8:53
    Request
    dns.msftncsi.com
    IN A
    Response
    dns.msftncsi.com
    IN A
    131.107.255.255
  • flag-unknown
    DNS
    supertop.duckdns.org
    Remote address:
    8.8.8.8:53
    Request
    supertop.duckdns.org
    IN A
    Response
    supertop.duckdns.org
    IN A
    141.255.147.11
  • flag-unknown
    DNS
    supertop.duckdns.org
    Remote address:
    8.8.8.8:53
    Request
    supertop.duckdns.org
    IN A
    Response
    supertop.duckdns.org
    IN A
    141.255.147.11
  • 127.0.0.1:47001
  • 141.255.147.11:333
    supertop.duckdns.org
    edcf2ab0937689a7e0475395a8654f874e413649ee63100e61c4d1a8c09ba681.exe
    156 B
    3
  • 141.255.147.11:333
    supertop.duckdns.org
    edcf2ab0937689a7e0475395a8654f874e413649ee63100e61c4d1a8c09ba681.exe
    156 B
    3
  • 141.255.147.11:333
    supertop.duckdns.org
    edcf2ab0937689a7e0475395a8654f874e413649ee63100e61c4d1a8c09ba681.exe
    156 B
    3
  • 141.255.147.11:333
    supertop.duckdns.org
    edcf2ab0937689a7e0475395a8654f874e413649ee63100e61c4d1a8c09ba681.exe
    156 B
    3
  • 141.255.147.11:333
    supertop.duckdns.org
    edcf2ab0937689a7e0475395a8654f874e413649ee63100e61c4d1a8c09ba681.exe
    156 B
    3
  • 141.255.147.11:333
    supertop.duckdns.org
    edcf2ab0937689a7e0475395a8654f874e413649ee63100e61c4d1a8c09ba681.exe
    156 B
    3
  • 141.255.147.11:333
    supertop.duckdns.org
    edcf2ab0937689a7e0475395a8654f874e413649ee63100e61c4d1a8c09ba681.exe
    52 B
    1
  • 239.255.255.250:1900
    1.3kB
    8
  • 239.255.255.250:1900
  • 8.8.8.8:53
    supertop.duckdns.org
    dns
    66 B
    82 B
    1
    1

    DNS Request

    supertop.duckdns.org

    DNS Response

    141.255.147.11

  • 10.10.0.255:137
    netbios-ns
    288 B
    3
  • 10.10.0.16:137
    netbios-ns
    270 B
    3
  • 8.8.8.8:53
    dns.msftncsi.com
    dns
    62 B
    78 B
    1
    1

    DNS Request

    dns.msftncsi.com

    DNS Response

    131.107.255.255

  • 8.8.8.8:53
    supertop.duckdns.org
    dns
    66 B
    82 B
    1
    1

    DNS Request

    supertop.duckdns.org

    DNS Response

    141.255.147.11

  • 8.8.8.8:53
    supertop.duckdns.org
    dns
    66 B
    82 B
    1
    1

    DNS Request

    supertop.duckdns.org

    DNS Response

    141.255.147.11

MITRE ATT&CK Matrix
