Analysis
max time kernel: 91s
max time network: 152s
platform: windows10-2004_x64
resource: win10v2004-20220812-en
resource tags: arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
submitted: 19/10/2022, 18:58
Behavioral task: behavioral1
Sample: de62373f57bb0bcf17f94362c8924c8f566ff49c5c8c562ba99ced8ff056123f.exe
Resource: win7-20220812-en

Behavioral task: behavioral2
Sample: de62373f57bb0bcf17f94362c8924c8f566ff49c5c8c562ba99ced8ff056123f.exe
Resource: win10v2004-20220812-en
General
Target: de62373f57bb0bcf17f94362c8924c8f566ff49c5c8c562ba99ced8ff056123f.exe
Size: 85KB
MD5: a23a54d558ec91d131e01342fac23230
SHA1: 09ebd6da6fdd133970725797f067a1ea27e4bc5a
SHA256: de62373f57bb0bcf17f94362c8924c8f566ff49c5c8c562ba99ced8ff056123f
SHA512: 4573aaff96689d231657c2eb60c2804765a5e4e2d25964f86072b06a30dba14d06127caeb36822ea68fe7deb0030fe1e694b638efa5a984ae882d28a3db4c884
SSDEEP: 1536:5lrsicagdzn8K2ariPOcjk+XQuPVN72NMSCl0/IRS3Ue54no:5JjcF8KfCOcjk+guPVjS+6mS3Ue54o
Malware Config
Signatures
resource: behavioral2/memory/2784-132-0x0000000000400000-0x0000000000467000-memory.dmp
yara_rule: upx
resource: behavioral2/memory/2784-133-0x0000000000400000-0x0000000000467000-memory.dmp
yara_rule: upx
Adds Run key to start application (2 TTPs, 1 IoCs)
description: Set value (str)
ioc: \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\winxcfg.exe = "C:\\Windows\\system32\\winxcfg.exe"
Process: de62373f57bb0bcf17f94362c8924c8f566ff49c5c8c562ba99ced8ff056123f.exe

Drops file in System32 directory (33 IoCs)