Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

payment.exe

windows7_x64

10

payment.exe

windows10-2004_x64

1

Analysis

  • max time kernel
    154s
  • max time network
    127s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220414-en
  • submitted
    21/05/2022, 12:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    payment.exe

  • Size

    824KB

  • MD5

    4da9b1c872a6f439f021f1de649fef0b

  • SHA1

    99e749fb6f278bd3a11aef9061231a60d4d5076e

  • SHA256

    22affc52b0adbdbe156a2f9033829ff188ed56e472db2b545a1c8913641894fe

  • SHA512

    eb8a7f59731316064dcadee08d289d129c2a88d0763709a1f96456308db1487c1566f0a33bcd4c6aac1021363e7b949703d25e32c69eca86581607a5a1113670

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 8 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\payment.exe
    "C:\Users\Admin\AppData\Local\Temp\payment.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:2684

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2684-130-0x0000000000B40000-0x0000000000C14000-memory.dmp

    Filesize

    848KB

    Download

  • memory/2684-131-0x0000000005CC0000-0x0000000006264000-memory.dmp

    Filesize

    5.6MB

    Download

  • memory/2684-132-0x00000000055D0000-0x0000000005662000-memory.dmp

    Filesize

    584KB

    Download

  • memory/2684-133-0x0000000005A00000-0x0000000005A9C000-memory.dmp

    Filesize

    624KB

    Download

  • memory/2684-134-0x0000000005C10000-0x0000000005C76000-memory.dmp

    Filesize

    408KB

    Download