Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

eb34997850...96.exe

windows7-x64

10

eb34997850...96.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    97s
  • max time network
    163s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01/10/2022, 23:23 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    eb34997850c70a4d8e8a9eb0fee3e04b6bdc7aec72cdf6df0f3d63842d736a96.exe

  • Size

    246KB

  • MD5

    66a37d7b13902048a7b947785c990910

  • SHA1

    c845c1c9ba6e5d07404600e2e2f1b674f5e9e485

  • SHA256

    eb34997850c70a4d8e8a9eb0fee3e04b6bdc7aec72cdf6df0f3d63842d736a96

  • SHA512

    759b9a3ca40fd89140285dbc32b25b56d9ffa1c64adbf240e5b175dc0e9b0c26ff4ff6bffe397c31e8cefa38c0cc93b2c818ee2a23898dad5a8dba52baeaab30

  • SSDEEP

    6144:jfMrmQ0hVh5kIr06t5J2wiAksaDlRCDeu3OmDv5r9S4vPMHie3Fg1SAuK1:gqr0IJJzdahRCau3lvd3MzWG

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\eb34997850c70a4d8e8a9eb0fee3e04b6bdc7aec72cdf6df0f3d63842d736a96.exe
    "C:\Users\Admin\AppData\Local\Temp\eb34997850c70a4d8e8a9eb0fee3e04b6bdc7aec72cdf6df0f3d63842d736a96.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:2572
    • C:\Users\Admin\AppData\Local\Temp\eb34997850c70a4d8e8a9eb0fee3e04b6bdc7aec72cdf6df0f3d63842d736a96.exe
      C:\Users\Admin\AppData\Local\Temp\eb34997850c70a4d8e8a9eb0fee3e04b6bdc7aec72cdf6df0f3d63842d736a96.exe
      2⤵
        PID:208

    Network

      No results found
    • 20.42.73.24:443
      322 B
       7
    • 8.252.117.126:80
      322 B
       7
    • 8.252.117.126:80
      322 B
       7
    • 8.252.117.126:80
      322 B
       7
    No results found

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2572-132-0x0000000000A80000-0x0000000000AC4000-memory.dmp

      Filesize

      272KB

      Download

    • memory/2572-133-0x0000000005930000-0x0000000005ED4000-memory.dmp

      Filesize

      5.6MB

      Download

    • memory/2572-134-0x0000000005470000-0x0000000005502000-memory.dmp

      Filesize

      584KB

      Download

    • memory/2572-135-0x0000000005510000-0x000000000551A000-memory.dmp

      Filesize

      40KB

      Download

    • memory/2572-136-0x00000000079F0000-0x0000000007A8C000-memory.dmp

      Filesize

      624KB

      Download

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.