Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

6d6385cfc5...6e.exe

windows7-x64

1

6d6385cfc5...6e.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    90s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
  • submitted
    21/10/2022, 01:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6d6385cfc5b148a46106d8b9e61391d145cdfeb4d90f2332fe896533586c486e.exe

  • Size

    541KB

  • MD5

    510493a47aadf11d27f3ea593994c950

  • SHA1

    0639b0a4f9d5119ea3a7749ce06851592753b707

  • SHA256

    6d6385cfc5b148a46106d8b9e61391d145cdfeb4d90f2332fe896533586c486e

  • SHA512

    7a821a69eb8a2d98abdbee9b6b9a504e925a0c2e196012c6ef4de9c60e102d56f0f9c9b6dfe70aad7cb4d8cd8c7e4c5919d762d1487672ae0d9aa555083d92f5

  • SSDEEP

    6144:fg634LnX+eheFht+8Vnyk6tAI5xJ4Oe1akah8lcQxa0N8C/L:o63WnLuhY8gAMxvfglcB0J

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\6d6385cfc5b148a46106d8b9e61391d145cdfeb4d90f2332fe896533586c486e.exe
    "C:\Users\Admin\AppData\Local\Temp\6d6385cfc5b148a46106d8b9e61391d145cdfeb4d90f2332fe896533586c486e.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:4904

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4904-132-0x0000000000400000-0x000000000048B000-memory.dmp

    Filesize

    556KB

    Download

  • memory/4904-133-0x0000000000400000-0x000000000048B000-memory.dmp

    Filesize

    556KB

    Download