Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

047f76e667...92.exe

windows7_x64

1

047f76e667...92.exe

windows10_x64

1

Analysis

  • max time kernel
    159s
  • max time network
    175s
  • platform
    windows10_x64
  • resource
    win10-en-20211208
  • submitted
    30/01/2022, 16:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    047f76e6674abf3887162158ec0ea1de324236402fba9698cec204a2d7d8dc92.exe

  • Size

    9.3MB

  • MD5

    5546caf5f5a1a4ee911b43459446f940

  • SHA1

    2f736f8d1f20d12c25f40bd3574a1cc398542cc4

  • SHA256

    047f76e6674abf3887162158ec0ea1de324236402fba9698cec204a2d7d8dc92

  • SHA512

    dab84b54e3902aacea0f65ae35b92eb626cfd6f2d8d8c2b2372d87dd75940dcb7bd820efd3ee8ca8067b82d1df95801db2dd2fa7885daa8187e136baacfc5667

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 3 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\047f76e6674abf3887162158ec0ea1de324236402fba9698cec204a2d7d8dc92.exe
    "C:\Users\Admin\AppData\Local\Temp\047f76e6674abf3887162158ec0ea1de324236402fba9698cec204a2d7d8dc92.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:3568

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3568-115-0x0000000003AD0000-0x0000000003AD1000-memory.dmp

    Filesize

    4KB

    Download