Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
167s -
max time network
184s -
platform
windows10-2004_x64 -
resource
win10v2004-20220812-en -
resource tags
-
submitted
02/10/2022, 12:26 UTC
General
-
Target
bcdb5470038096a980cae1a3903bf9f8b6ef4b1add328600c9a15c236301895b.exe
-
Size
178KB
-
MD5
5fb2acdebe2551b60a10f40ef849b122
-
SHA1
6d2fb7dc197e46fc155561174101178b6c7f3e8c
-
SHA256
bcdb5470038096a980cae1a3903bf9f8b6ef4b1add328600c9a15c236301895b
-
SHA512
0a00634bdce51212aa0345821bbcf1a05fb823d4707fff2503f05c18dd79ac132d6ae78de2f6929e3c4bbeb1ae3d1f6329f4c331a79335367d5e6f076632a9ea
-
SSDEEP
3072:PEwpbu9rcFwq+dzzvPPD3CVsQqUUucIoCvgmXYZ5OJRvNjmNIFE4j:PEwpbUcFwq+dzrPPL8eRuqC4SYOLNjmM
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\bcdb5470038096a980cae1a3903bf9f8b6ef4b1add328600c9a15c236301895b.exe"C:\Users\Admin\AppData\Local\Temp\bcdb5470038096a980cae1a3903bf9f8b6ef4b1add328600c9a15c236301895b.exe"1⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3304 -s 7922⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 460 -p 3304 -ip 33041⤵
Network
-
DNSnicovideo.jpRemote address:8.8.8.8:53Requestnicovideo.jpIN AResponsenicovideo.jpIN A133.152.43.29 -
DNSkaixin001.comRemote address:8.8.8.8:53Requestkaixin001.comIN AResponsekaixin001.comIN A140.143.114.22kaixin001.comIN A58.87.81.218
-
8.238.20.126:80
-
8.238.20.126:80
-
8.253.208.120:80
-
8.238.20.254:80
-
8.253.208.120:80
-
8.238.55.126:80
-
8.8.8.8:53nicovideo.jpdns
DNS Request
nicovideo.jp
DNS Response
133.152.43.29
-
8.8.8.8:53kaixin001.comdns
DNS Request
kaixin001.com
DNS Response
140.143.114.2258.87.81.218
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
92KB
-
Filesize
184KB
-
Filesize
92KB