Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    6s
  • max time network
    11s
  • platform
    windows7_x64
  • resource
    win7
  • submitted
    28/08/2020, 17:46

General

  • Target

    4b76ad80e9ce4c503bde0e476a88447426fc38315d440d22926627295e1b0ec6.bin.exe

  • Size

    12.6MB

  • MD5

    d427390e9fad598ec3288c9275c84628

  • SHA1

    7b88e1eaa07151fc0d7639574fc7f40fa5be8aa3

  • SHA256

    4b76ad80e9ce4c503bde0e476a88447426fc38315d440d22926627295e1b0ec6

  • SHA512

    83ecc48386999ec6d05999d88e9a81eae5267ea807441727cd60d44f17ead8a0ca6e8a0ffa7d5e4e9fc800d858fb2ee824815abe4299e0ec85639384b75324a8

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 32 IoCs
  • JavaScript code in executable 5 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\4b76ad80e9ce4c503bde0e476a88447426fc38315d440d22926627295e1b0ec6.bin.exe
    "C:\Users\Admin\AppData\Local\Temp\4b76ad80e9ce4c503bde0e476a88447426fc38315d440d22926627295e1b0ec6.bin.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1684
    • C:\Users\Admin\AppData\Local\Temp\4b76ad80e9ce4c503bde0e476a88447426fc38315d440d22926627295e1b0ec6.bin.exe
      "C:\Users\Admin\AppData\Local\Temp\4b76ad80e9ce4c503bde0e476a88447426fc38315d440d22926627295e1b0ec6.bin.exe"
      2⤵
      • Loads dropped DLL
      • Suspicious use of AdjustPrivilegeToken
      PID:1940

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads