Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

f934c68550...1d.exe

windows7_x64

3

f934c68550...1d.exe

windows10_x64

3

Analysis

  • max time kernel
    143s
  • max time network
    6s
  • platform
    windows7_x64
  • resource
    win7v200430
  • submitted
    09/07/2020, 13:48 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f934c685506a5fc30ba4c63a14f81c2c51863a264c498186234b2edf7d05e51d.exe

  • Size

    6KB

  • MD5

    22ad5f98cf17f6b82cb73146e6bd2f81

  • SHA1

    8cec6573d2a7776b0c4331dff213e27ab9ccd8b4

  • SHA256

    f934c685506a5fc30ba4c63a14f81c2c51863a264c498186234b2edf7d05e51d

  • SHA512

    1aa3f8c29ba4c953910dd0bc424749021a508ed9ce3e510dbd21e4009ccf9de44ffa1f4bd1789cec1857941259d5403d4b38c39e2b3e706395847476fcd482ca

Score
3/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 4 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f934c685506a5fc30ba4c63a14f81c2c51863a264c498186234b2edf7d05e51d.exe
    "C:\Users\Admin\AppData\Local\Temp\f934c685506a5fc30ba4c63a14f81c2c51863a264c498186234b2edf7d05e51d.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:904
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 904 -s 500
      2⤵
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious behavior: GetForegroundWindowSpam
      • Program crash
      PID:1412

Network

    No results found
No results found
  • 239.255.255.250:1900
    966 B
     6
  • 239.255.255.250:1900

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1412-1-0x0000000001EA0000-0x0000000001EB1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/1412-2-0x0000000002C20000-0x0000000002C31000-memory.dmp

    Filesize

    68KB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.