Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
156s -
max time network
153s -
platform
windows10-1703_x64 -
resource
win10-20220812-en -
resource tags
-
submitted
20/10/2022, 20:44
General
-
Target
4a5eadfc176749a508c86d1e8875a5e3a48f9a971a7b7b7b5219719daddc7c02.exe
-
Size
194KB
-
MD5
71efcf6744318ba8dff53729acc2f821
-
SHA1
1adf3caa79b66a799aaf8fe52fcb9fbede4a51b1
-
SHA256
4a5eadfc176749a508c86d1e8875a5e3a48f9a971a7b7b7b5219719daddc7c02
-
SHA512
258bcf0b5ff01d3cab8cc2eb574bf7c764da9150a6494dd5320e4f338a601b348cd0a64b1edeb28063d16ca36e5eb42fe08a92a0fa785fd8fcad142dffc24671
-
SSDEEP
3072:eXZrUDLyDuNA8/5zUCK/5aUpJ8//aX0KdjPKTnbM:mFUDLlNrhUJc20ycn
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Checks SCSI registry key(s) 3 TTPs 3 IoCs
SCSI information is often read in order to detect sandboxing environments.
-
Suspicious behavior: EnumeratesProcesses 64 IoCs
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious behavior: MapViewOfSection 19 IoCs
-
Suspicious use of WriteProcessMemory 33 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\4a5eadfc176749a508c86d1e8875a5e3a48f9a971a7b7b7b5219719daddc7c02.exe"C:\Users\Admin\AppData\Local\Temp\4a5eadfc176749a508c86d1e8875a5e3a48f9a971a7b7b7b5219719daddc7c02.exe"1⤵
- Checks SCSI registry key(s)
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: MapViewOfSection
-
C:\Windows\SysWOW64\explorer.exeC:\Windows\SysWOW64\explorer.exe1⤵
-
C:\Windows\explorer.exeC:\Windows\explorer.exe1⤵
-
C:\Windows\SysWOW64\explorer.exeC:\Windows\SysWOW64\explorer.exe1⤵
-
C:\Windows\explorer.exeC:\Windows\explorer.exe1⤵
-
C:\Windows\SysWOW64\explorer.exeC:\Windows\SysWOW64\explorer.exe1⤵
-
C:\Windows\SysWOW64\explorer.exeC:\Windows\SysWOW64\explorer.exe1⤵
-
C:\Windows\SysWOW64\explorer.exeC:\Windows\SysWOW64\explorer.exe1⤵
-
C:\Windows\explorer.exeC:\Windows\explorer.exe1⤵
-
C:\Windows\SysWOW64\explorer.exeC:\Windows\SysWOW64\explorer.exe1⤵
Network
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
32KB
-
Filesize
32KB
-
Filesize
44KB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
28KB
-
Filesize
44KB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
28KB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
48KB
-
Filesize
24KB
-
Filesize
24KB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
216KB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
1.3MB
-
Filesize
68KB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
216KB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
68KB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
1.6MB
-
Filesize
20KB
-
Filesize
20KB
-
Filesize
36KB
-
Filesize
1.6MB
-
Filesize
20KB
-
Filesize
20KB
-
Filesize
36KB
-
Filesize
24KB
-
Filesize
44KB
-
Filesize
24KB
-
Filesize
28KB
-
Filesize
52KB
-
Filesize
28KB
-
Filesize
36KB
-
Filesize
60KB
-
Filesize
156KB
-
Filesize
136KB
-
Filesize
136KB