Analysis

  • max time kernel
    143s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags
    arch:x64, arch:x86, image:win10v2004-20220901-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    20/10/2022, 01:19 UTC

General

  • Target

    d5c1748701e48f0e714a7fa6e984b2273b1640f2f8206651fee1054b69a4e0db.exe

  • Size

    353KB

  • MD5

    2e7b918599c5b629aa223db84b0fcf9c

  • SHA1

    5aa7e601df83f656ea47553a42bd94420347aa8b

  • SHA256

    d5c1748701e48f0e714a7fa6e984b2273b1640f2f8206651fee1054b69a4e0db

  • SHA512

    615d14b8ab2d59defb3518b9307aaa0415d3ec98a263225e989f3feae118397cfdc200b1094f711131772499ac2fabb3c000c4e75cce3b145f8e8ddded8f1df7

  • SSDEEP

    6144:bWLtjh5WqhvibR2tv1hmf0uiHbZo/ylwjZMRzz/7jorwCotvV/JkjpeMpuLj3eoe:+95Wqhv6MvvC0l7yk8Zu//abI6jpet7e

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices (1 TTP)

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Suspicious use of SetWindowsHookEx (2 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\d5c1748701e48f0e714a7fa6e984b2273b1640f2f8206651fee1054b69a4e0db.exe (PID 3476)
    Command line: "C:\Users\Admin\AppData\Local\Temp\d5c1748701e48f0e714a7fa6e984b2273b1640f2f8206651fee1054b69a4e0db.exe"
    • Suspicious use of SetWindowsHookEx

Network

  • 20.189.173.12:443
    322 B
    7

  No results found

MITRE ATT&CK Enterprise v6


Downloads

  • memory/3476-132-0x0000000000400000-0x00000000005AE000-memory.dmp

    Filesize

    1.7MB

  • memory/3476-133-0x0000000000400000-0x00000000005AE000-memory.dmp

    Filesize

    1.7MB

  • memory/3476-134-0x0000000000400000-0x00000000005AE000-memory.dmp

    Filesize

    1.7MB
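Two things a practitioner does with a report like this before trusting it: confirm that the file actually retrieved is the one the General section describes, and make sense of the memory dumps listed above. The following is an added example (not code from tria.ge). The digests and dump names are copied from this report; the function names, the constructed empty payload and the binary-unit size rounding are assumptions.

```python
"""Offline helpers for checking a Triage (tria.ge) report against a retrieved sample.

Added example, not code from tria.ge. The digests and dump names are copied
from the General and Downloads sections of this report; function names, the
constructed payloads and the size-rounding convention are assumptions.
"""
import hashlib
import re
from dataclasses import dataclass
from typing import Dict, List

# Digests exactly as printed in the report's General section.
REPORT_HASHES: Dict[str, str] = {
    "md5": "2e7b918599c5b629aa223db84b0fcf9c",
    "sha1": "5aa7e601df83f656ea47553a42bd94420347aa8b",
    "sha256": "d5c1748701e48f0e714a7fa6e984b2273b1640f2f8206651fee1054b69a4e0db",
    "sha512": (
        "615d14b8ab2d59defb3518b9307aaa0415d3ec98a263225e989f3feae118397c"
        "fdc200b1094f711131772499ac2fabb3c000c4e75cce3b145f8e8ddded8f1df7"
    ),
}

# Dump names listed in the report's Downloads section.
DUMP_NAMES: List[str] = [
    "memory/3476-132-0x0000000000400000-0x00000000005AE000-memory.dmp",
    "memory/3476-133-0x0000000000400000-0x00000000005AE000-memory.dmp",
    "memory/3476-134-0x0000000000400000-0x00000000005AE000-memory.dmp",
]


def verify_hashes(data: bytes, expected: Dict[str, str]) -> Dict[str, bool]:
    """Compare a sample's digests with the report's, per algorithm.

    Every key of `expected` must be a hashlib algorithm name; hex case is
    ignored. Per-algorithm results make it obvious when a single digest was
    copied wrongly rather than the whole file being different.
    """
    return {
        algo: hashlib.new(algo, data).hexdigest() == digest.lower()
        for algo, digest in expected.items()
    }


# Triage names dumps as memory/<pid>-<event>-0x<start>-0x<end>-memory.dmp.
_DUMP_RE = re.compile(
    r"^memory/(?P<pid>\d+)-(?P<seq>\d+)-"
    r"0x(?P<start>[0-9A-Fa-f]+)-0x(?P<end>[0-9A-Fa-f]+)-memory\.dmp$"
)


@dataclass(frozen=True)
class MemoryDump:
    pid: int    # process the region was dumped from
    seq: int    # Triage's running event number for the dump
    start: int  # first address of the region
    end: int    # end address (exclusive)

    @property
    def size(self) -> int:
        return self.end - self.start


def parse_dump_name(name: str) -> MemoryDump:
    """Parse one Downloads entry; reject names that do not fit the pattern."""
    m = _DUMP_RE.match(name)
    if m is None:
        raise ValueError(f"unrecognised dump name: {name!r}")
    dump = MemoryDump(int(m["pid"]), int(m["seq"]), int(m["start"], 16), int(m["end"], 16))
    if dump.end <= dump.start:
        raise ValueError(f"empty or inverted region in {name!r}")
    return dump


def human_size(n: int) -> str:
    """Render bytes the way the report does ('1.7MB'), assuming binary units."""
    value = float(n)
    for unit in ("B", "KB", "MB", "GB"):
        if value < 1024 or unit == "GB":
            break
        value /= 1024
    return f"{value:.1f}{unit}"


def summarise_dumps(names: List[str]) -> Dict[str, object]:
    """Collapse repeated dumps of the same region so the list is easier to read."""
    dumps = [parse_dump_name(n) for n in names]
    regions = {(d.pid, d.start, d.end) for d in dumps}
    return {
        "pids": sorted({d.pid for d in dumps}),
        "distinct_regions": len(regions),
        "largest_region": human_size(max(d.size for d in dumps)),
    }


if __name__ == "__main__":
    print(summarise_dumps(DUMP_NAMES))
    # Constructed payload: an empty file, which is of course not the sample.
    print(verify_hashes(b"", REPORT_HASHES))
```

Binary units reproduce the report's "1.7MB" for the 0x1AE000-byte region (decimal units would give 1.8MB). All three dumps cover the same region of PID 3476 starting at 0x400000, the conventional default image base of a 32-bit PE, which fits the arch:x86 tag above. That in-memory region is roughly five times the 353KB on-disk size; the report does not say why, so treat the ratio as a prompt to inspect the dumps rather than as a finding.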
