Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

4

Static

static

c297f313a2...74.exe

windows7-x64

4

c297f313a2...74.exe

windows10-2004-x64

4

Analysis

  • max time kernel
    187s
  • max time network
    193s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    30/10/2022, 18:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c297f313a2aa2ad171d0c2de8956943d2751702d2bb6aabf3f0080a400bb3d74.exe

  • Size

    84KB

  • MD5

    82a46e1e192e933e4f75fe872da031c2

  • SHA1

    e6f53bf72d0fd0cb5a2d80558f6be1ee4d39ec15

  • SHA256

    c297f313a2aa2ad171d0c2de8956943d2751702d2bb6aabf3f0080a400bb3d74

  • SHA512

    c1bff054a1f21ae8113e72b7e00a0d2fd5fca3624d33ecc2bda8e02e9128ce551e6cea118366c39864c1c445292441cacad12e5022a3e63774eb83f57fd0ab31

  • SSDEEP

    1536:qwm8nBjqs32bxPpBRy32Z6gJlyiKqVo6EUMm0:5m8nBjTmbxRBRN6WYiKqVo6Zs

Score
4/10

Malware Config

Signatures

  • Drops file in Windows directory 4 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of WriteProcessMemory 1 IoCs

Processes

  • C:\Windows\Explorer.EXE
    C:\Windows\Explorer.EXE
    1⤵
      PID:780
      • C:\Users\Admin\AppData\Local\Temp\c297f313a2aa2ad171d0c2de8956943d2751702d2bb6aabf3f0080a400bb3d74.exe
        "C:\Users\Admin\AppData\Local\Temp\c297f313a2aa2ad171d0c2de8956943d2751702d2bb6aabf3f0080a400bb3d74.exe"
        2⤵
        • Drops file in Windows directory
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious use of WriteProcessMemory
        PID:4948

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads