Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

询价4020...ch.exe

windows7-x64

1

询价4020...ch.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    90s
  • max time network
    157s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20/10/2022, 12:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    询价4020034178 Accell Asia Limited Taiwan Branch.exe

  • Size

    975KB

  • MD5

    63a8a3a1a54de0232e1351482156aac1

  • SHA1

    ca335a935873fe584f6085576615222c373a1c36

  • SHA256

    ff0090f900f657825e522cc20cf924ac6bf67d063fbbde8796538a79df03fbd4

  • SHA512

    631064740772d5ead953ef4c874453f93d9f7471eaf12b994063a4544c24bc438043af573a24024a3917a417384ba5c85784bf20042c8b86eb96ef7fc735afb3

  • SSDEEP

    12288:1iATjfEunxv6CB5ba9/YSxSZEzCEE4U1yaYQsu/GlvOU8KAyfTEh:tP6CB5bMdUZEzhEfYQz0W7KAybG

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\询价4020034178 Accell Asia Limited Taiwan Branch.exe
    "C:\Users\Admin\AppData\Local\Temp\询价4020034178 Accell Asia Limited Taiwan Branch.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:368

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/368-132-0x00000000005F0000-0x00000000006EA000-memory.dmp

    Filesize

    1000KB

    Download

  • memory/368-133-0x0000000005720000-0x0000000005CC4000-memory.dmp

    Filesize

    5.6MB

    Download

  • memory/368-134-0x00000000050C0000-0x0000000005152000-memory.dmp

    Filesize

    584KB

    Download

  • memory/368-135-0x0000000005070000-0x000000000507A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/368-136-0x000000000B540000-0x000000000B5DC000-memory.dmp

    Filesize

    624KB

    Download

  • memory/368-137-0x000000000B4A0000-0x000000000B506000-memory.dmp

    Filesize

    408KB

    Download