Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

8

40f80ad513...59.exe

windows7-x64

1

40f80ad513...59.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    184s
  • max time network
    190s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06/11/2022, 13:55 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    40f80ad513071440a460edebf50968c6c498329fd55bf0c725329339f18c9859.exe

  • Size

    236KB

  • MD5

    2f6d7178fb3078b87d30e8a92e188af5

  • SHA1

    80ced2079bfaecd05b6169c92c44a8cb9510655f

  • SHA256

    40f80ad513071440a460edebf50968c6c498329fd55bf0c725329339f18c9859

  • SHA512

    711caf4f78b2bb398428bd95f12a0c8b3cceecce16780189935301cc5a01860f47eb5c352ca0ab7d5779962e65f3a0626c407f4eb0552a91149e04ab224cf999

  • SSDEEP

    6144:6+7CcSJCOOTHa8SAsUTMXXoaa23LB4wMEf/5k1egbm:c7B4wXk1eg6

Score
8/10
upx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx

Processes

  • C:\Users\Admin\AppData\Local\Temp\40f80ad513071440a460edebf50968c6c498329fd55bf0c725329339f18c9859.exe
    "C:\Users\Admin\AppData\Local\Temp\40f80ad513071440a460edebf50968c6c498329fd55bf0c725329339f18c9859.exe"
    1⤵
      PID:2376

    Network

    • flag-us
      DNS
      rapidshare.com
      40f80ad513071440a460edebf50968c6c498329fd55bf0c725329339f18c9859.exe
      Remote address:
      8.8.8.8:53
      Request
      rapidshare.com
      IN A
      Response
      rapidshare.com
      IN A
      0.0.0.0
    • flag-us
      DNS
      176.122.125.40.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      176.122.125.40.in-addr.arpa
      IN PTR
      Response
    • 93.184.220.29:80
      322 B
       7
    • 20.42.65.89:443
      322 B
       7
    • 104.110.191.133:80
      322 B
       7
    • 104.110.191.133:80
      322 B
       7
    • 8.8.8.8:53
      rapidshare.com
      dns
      40f80ad513071440a460edebf50968c6c498329fd55bf0c725329339f18c9859.exe
      60 B
       76 B
       1
      1

      DNS Request

      rapidshare.com

      DNS Response

      0.0.0.0

    • 8.8.8.8:53
      176.122.125.40.in-addr.arpa
      dns
      73 B
       159 B
       1
      1

      DNS Request

      176.122.125.40.in-addr.arpa

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2376-132-0x0000000000400000-0x000000000043C000-memory.dmp

      Filesize

      240KB

      Download

    • memory/2376-133-0x0000000000400000-0x000000000043C000-memory.dmp

      Filesize

      240KB

      Download

    • memory/2376-135-0x0000000000400000-0x0000000000417000-memory.dmp

      Filesize

      92KB

      Download

    • memory/2376-138-0x0000000000400000-0x0000000000417000-memory.dmp

      Filesize

      92KB

      Download

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.