Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

5

Static

static

cracked.celka.exe

windows7-x64

5

cracked.celka.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    9s
  • max time network
    11s
  • platform
    windows7_x64
  • resource
    win7-20220901-en
  • resource tags

    arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
  • submitted
    08/09/2022, 09:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    cracked.celka.exe

  • Size

    6.7MB

  • MD5

    62ab9b9303b1266cb40fab9220366a67

  • SHA1

    769c0ef2cc40ff42c0672b8aab0de8844ef57043

  • SHA256

    1d50e587e37058490a993a948e71164d3a4177cd5a488c8f445499c03cb09335

  • SHA512

    bd939e66cac7e3fabde0b3aee983bf50875ad3e227a96e7c40d848f522b2aeb6a4eeb2ce49a4fabc457107cd0c653fb1ca7762f4295e8b6d0f74a3eca6f8955f

  • SSDEEP

    98304:7lGfmRrhQR9j5JZB2DmQ0eNJdA9FDcs9SY8ZOPaQ9cNCekoY++OCEQ7vNR:9RrSR9tJbZWwqs9SY8kcNCX02l

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\cracked.celka.exe
    "C:\Users\Admin\AppData\Local\Temp\cracked.celka.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious behavior: EnumeratesProcesses
    PID:1200

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1200-54-0x0000000140000000-0x0000000140BF6000-memory.dmp

    Filesize

    12.0MB

    Download

  • memory/1200-57-0x0000000140000000-0x0000000140BF6000-memory.dmp

    Filesize

    12.0MB

    Download

  • memory/1200-58-0x0000000140000000-0x0000000140BF6000-memory.dmp

    Filesize

    12.0MB

    Download