Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

询价4020...ch.exe

windows7-x64

1

询价4020...ch.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    57s
  • max time network
    50s
  • platform
    windows7_x64
  • resource
    win7-20220901-en
  • resource tags

    arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
  • submitted
    20/10/2022, 12:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    询价4020034178 Accell Asia Limited Taiwan Branch.exe

  • Size

    975KB

  • MD5

    63a8a3a1a54de0232e1351482156aac1

  • SHA1

    ca335a935873fe584f6085576615222c373a1c36

  • SHA256

    ff0090f900f657825e522cc20cf924ac6bf67d063fbbde8796538a79df03fbd4

  • SHA512

    631064740772d5ead953ef4c874453f93d9f7471eaf12b994063a4544c24bc438043af573a24024a3917a417384ba5c85784bf20042c8b86eb96ef7fc735afb3

  • SSDEEP

    12288:1iATjfEunxv6CB5ba9/YSxSZEzCEE4U1yaYQsu/GlvOU8KAyfTEh:tP6CB5bMdUZEzhEfYQz0W7KAybG

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\询价4020034178 Accell Asia Limited Taiwan Branch.exe
    "C:\Users\Admin\AppData\Local\Temp\询价4020034178 Accell Asia Limited Taiwan Branch.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:1036

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1036-54-0x0000000000B30000-0x0000000000C2A000-memory.dmp

    Filesize

    1000KB

    Download

  • memory/1036-55-0x0000000075BB1000-0x0000000075BB3000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1036-56-0x00000000005F0000-0x0000000000608000-memory.dmp

    Filesize

    96KB

    Download

  • memory/1036-57-0x0000000000960000-0x000000000096C000-memory.dmp

    Filesize

    48KB

    Download

  • memory/1036-58-0x0000000000250000-0x00000000002E6000-memory.dmp

    Filesize

    600KB

    Download

  • memory/1036-59-0x0000000005050000-0x000000000508E000-memory.dmp

    Filesize

    248KB

    Download