Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

5

Static

static

26f1ed107c...b4.exe

windows7-x64

5

26f1ed107c...b4.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    91s
  • max time network
    163s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    19/09/2022, 20:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    26f1ed107ce0852473c70f81fec1d761de9643dbff0ddce52137b2b31b0113b4.exe

  • Size

    1.2MB

  • MD5

    08463f0dc14da43be6b1b0afd8c75049

  • SHA1

    83f1567f4bcbedbb6290a4887c79682e72b04502

  • SHA256

    26f1ed107ce0852473c70f81fec1d761de9643dbff0ddce52137b2b31b0113b4

  • SHA512

    abf43c220565de707c074197e442e6901da030dcba45f01d6fb0f71fb0a3f9e7f18c2e77e1db904c44c7bd4f5054e866efa182ef4bee30ce3b0556154ef50240

  • SSDEEP

    24576:KTeZ1PDQhGJ5k29ZWT2wuIB14MvwzEULrwMs4G:5DU05k2Q7oMlww4

Score
5/10

Malware Config

Signatures

  • Drops file in System32 directory 3 IoCs
  • Drops file in Program Files directory 2 IoCs
  • Drops file in Windows directory 64 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

Processes

  • C:\Users\Admin\AppData\Local\Temp\26f1ed107ce0852473c70f81fec1d761de9643dbff0ddce52137b2b31b0113b4.exe
    "C:\Users\Admin\AppData\Local\Temp\26f1ed107ce0852473c70f81fec1d761de9643dbff0ddce52137b2b31b0113b4.exe"
    1⤵
    • Drops file in System32 directory
    • Drops file in Program Files directory
    • Drops file in Windows directory
    PID:2896

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads