Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

279ed03216...9b.exe

windows7-x64

7

279ed03216...9b.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    92s
  • max time network
    156s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01/10/2022, 20:10 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    279ed032164ba135cb8d06302276524628b6d2793f214ed0c9609a42cb10c49b.exe

  • Size

    530KB

  • MD5

    0948966d7e976a779510eb1b37110854

  • SHA1

    89598c82680aba59ea66f2d7605cfc8ee77ca8a0

  • SHA256

    279ed032164ba135cb8d06302276524628b6d2793f214ed0c9609a42cb10c49b

  • SHA512

    37ec035b3d2fe8d4f6850bf435ad6ef097197ed1e2b0378828923c049d14095df6132f174fbfd387e980141200dbe35391582bde5424c1fa082cbb6ec3fbc779

  • SSDEEP

    6144:1NOR+on646x5JTYtvLxUozhALXEZ/cSyYn/0Biy4oXmya76p7t:1do6zTYtvFUoPaJtXJX

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 6 IoCs
  • Drops file in Program Files directory 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 16 IoCs
  • Suspicious use of AdjustPrivilegeToken 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\279ed032164ba135cb8d06302276524628b6d2793f214ed0c9609a42cb10c49b.exe
    "C:\Users\Admin\AppData\Local\Temp\279ed032164ba135cb8d06302276524628b6d2793f214ed0c9609a42cb10c49b.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:4420

Network

    No results found
  • 93.184.220.29:80
    322 B
     7
  • 95.101.78.82:80
    322 B
     7
  • 104.80.225.205:443
    322 B
     7
  • 93.184.221.240:80
    260 B
     5
  • 93.184.220.29:80
    260 B
     5
  • 93.184.221.240:80
    322 B
     7
No results found

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files (x86)\Common Files\Microsoft Shared\DAO\svchost.exe
    Filesize

    530KB

    MD5

    0948966d7e976a779510eb1b37110854

    SHA1

    89598c82680aba59ea66f2d7605cfc8ee77ca8a0

    SHA256

    279ed032164ba135cb8d06302276524628b6d2793f214ed0c9609a42cb10c49b

    SHA512

    37ec035b3d2fe8d4f6850bf435ad6ef097197ed1e2b0378828923c049d14095df6132f174fbfd387e980141200dbe35391582bde5424c1fa082cbb6ec3fbc779

    Download Submit

  • C:\Program Files (x86)\Common Files\Microsoft Shared\DAO\svchost.exe
    Filesize

    530KB

    MD5

    0948966d7e976a779510eb1b37110854

    SHA1

    89598c82680aba59ea66f2d7605cfc8ee77ca8a0

    SHA256

    279ed032164ba135cb8d06302276524628b6d2793f214ed0c9609a42cb10c49b

    SHA512

    37ec035b3d2fe8d4f6850bf435ad6ef097197ed1e2b0378828923c049d14095df6132f174fbfd387e980141200dbe35391582bde5424c1fa082cbb6ec3fbc779

    Download Submit

  • C:\Program Files (x86)\Common Files\Microsoft Shared\DAO\svchost.exe
    Filesize

    530KB

    MD5

    0948966d7e976a779510eb1b37110854

    SHA1

    89598c82680aba59ea66f2d7605cfc8ee77ca8a0

    SHA256

    279ed032164ba135cb8d06302276524628b6d2793f214ed0c9609a42cb10c49b

    SHA512

    37ec035b3d2fe8d4f6850bf435ad6ef097197ed1e2b0378828923c049d14095df6132f174fbfd387e980141200dbe35391582bde5424c1fa082cbb6ec3fbc779

    Download Submit

  • C:\Program Files (x86)\Common Files\Microsoft Shared\DAO\svchost.exe
    Filesize

    530KB

    MD5

    0948966d7e976a779510eb1b37110854

    SHA1

    89598c82680aba59ea66f2d7605cfc8ee77ca8a0

    SHA256

    279ed032164ba135cb8d06302276524628b6d2793f214ed0c9609a42cb10c49b

    SHA512

    37ec035b3d2fe8d4f6850bf435ad6ef097197ed1e2b0378828923c049d14095df6132f174fbfd387e980141200dbe35391582bde5424c1fa082cbb6ec3fbc779

    Download Submit

  • C:\Program Files (x86)\Common Files\Microsoft Shared\DAO\svchost.exe
    Filesize

    530KB

    MD5

    0948966d7e976a779510eb1b37110854

    SHA1

    89598c82680aba59ea66f2d7605cfc8ee77ca8a0

    SHA256

    279ed032164ba135cb8d06302276524628b6d2793f214ed0c9609a42cb10c49b

    SHA512

    37ec035b3d2fe8d4f6850bf435ad6ef097197ed1e2b0378828923c049d14095df6132f174fbfd387e980141200dbe35391582bde5424c1fa082cbb6ec3fbc779

    Download Submit

  • C:\Program Files (x86)\Common Files\Microsoft Shared\DAO\svchost.exe
    Filesize

    530KB

    MD5

    0948966d7e976a779510eb1b37110854

    SHA1

    89598c82680aba59ea66f2d7605cfc8ee77ca8a0

    SHA256

    279ed032164ba135cb8d06302276524628b6d2793f214ed0c9609a42cb10c49b

    SHA512

    37ec035b3d2fe8d4f6850bf435ad6ef097197ed1e2b0378828923c049d14095df6132f174fbfd387e980141200dbe35391582bde5424c1fa082cbb6ec3fbc779

    Download Submit

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.