Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3ad0af44a4...a3.exe

windows7_x64

10

3ad0af44a4...a3.exe

windows10_x64

3

Analysis

  • max time kernel
    18s
  • max time network
    115s
  • platform
    windows10_x64
  • resource
    win10v20210408
  • submitted
    07/09/2021, 15:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3ad0af44a4269c0121eeb19cee197a90b4a7e862b5ce04eab6aafc021dd6e7a3.exe

  • Size

    125KB

  • MD5

    f9bf85cfb68d9e5f68bbccaf683af15c

  • SHA1

    a2eae8c1350fcfa429d2af664d8320edbfabe5d3

  • SHA256

    463b34821a8eb219ff5980787d95bc2cfdd2d7f82720163394973814cd5dfe40

  • SHA512

    07032679f19bba5690b59a6b689859d0b3611995cca6f990d2eee4b2f586493b29e70b4525e057abefe79a86695fa934f52e175a12098e0eeef7c1e3d049066a

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 14 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3ad0af44a4269c0121eeb19cee197a90b4a7e862b5ce04eab6aafc021dd6e7a3.exe
    "C:\Users\Admin\AppData\Local\Temp\3ad0af44a4269c0121eeb19cee197a90b4a7e862b5ce04eab6aafc021dd6e7a3.exe"
    1⤵
      PID:636
      • C:\Windows\system32\WerFault.exe
        C:\Windows\system32\WerFault.exe -u -p 636 -s 152
        2⤵
        • Program crash
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious use of AdjustPrivilegeToken
        PID:2392

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads