Analysis
- max time kernel: 36s
- max time network: 41s
- platform: windows7_x64
- resource: win7-20220812-en
- resource tags: arch:x64, arch:x86, image:win7-20220812-en, locale:en-us, os:windows7-x64, system
- submitted: 30/10/2022, 10:02
Behavioral task: behavioral1
- Sample: 612a5238276540a60c74ad6e443eff1eb716a51bea2ec8e358937b125ba34a74.exe
- Resource: win7-20220812-en
Behavioral task: behavioral2
- Sample: 612a5238276540a60c74ad6e443eff1eb716a51bea2ec8e358937b125ba34a74.exe
- Resource: win10v2004-20220901-en
General
- Target: 612a5238276540a60c74ad6e443eff1eb716a51bea2ec8e358937b125ba34a74.exe
- Size: 79KB
- MD5: a33d4941f98190d3f2715af541a0c23b
- SHA1: 10f569c9a9fe2f369b990910f48e708b7b9d9ca7
- SHA256: 612a5238276540a60c74ad6e443eff1eb716a51bea2ec8e358937b125ba34a74
- SHA512: 28c869ed812938662074ea21119328f2dfdecb20fe6abca405d05aaea4254ace072671e31f4855f2344b855a5178860fc34b79bee2253562a46ebc9aec36f0e8
- SSDEEP: 1536:5lrsicagdzn8K2ariPOcjk+XQuPVN72NMSoe4riqDKxINs5qf5ZHpSc:5JjcF8KfCOcjk+guPVjSoeepIqZ
Malware Config
Signatures
- resource: behavioral1/memory/364-54-0x0000000000400000-0x0000000000467000-memory.dmp, yara_rule: upx
- resource: behavioral1/memory/364-55-0x0000000000400000-0x0000000000467000-memory.dmp, yara_rule: upx
- Adds Run key to start application (2 TTPs, 1 IoCs)
  description: Set value (str)
  ioc: \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\winxcfg.exe = "C:\\Windows\\system32\\winxcfg.exe"
  Process: 612a5238276540a60c74ad6e443eff1eb716a51bea2ec8e358937b125ba34a74.exe
- Drops file in System32 directory (33 IoCs)