Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

ab868abad7...fd.exe

windows7-x64

7

ab868abad7...fd.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    178s
  • max time network
    193s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    07/11/2022, 08:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ab868abad78b55bfcf21179d4d9fddfef7d0836b8261af5718523dc86a4779fd.exe

  • Size

    980KB

  • MD5

    433e97fd46a607d014ecfd24df78ea2f

  • SHA1

    9a8fa3fa7b0da23a813f49ec54f7380bdad3d664

  • SHA256

    ab868abad78b55bfcf21179d4d9fddfef7d0836b8261af5718523dc86a4779fd

  • SHA512

    cc4c66fb7a686911ef1f50095eba0099ef536c89749d0c8b95b7b6ddc95776f98ecc83c48feeaed722ecefef5a9c8f7b902ff49d47844b116fb983e89a454eda

  • SSDEEP

    24576:HDpu7+JXGliQC4aVrNiRMesl8HitxqZqAx9QcSnokfh:j4AXGli1VrNiRMuC7qZh9efh

Score
7/10
spywarestealer

Malware Config

Signatures

  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ab868abad78b55bfcf21179d4d9fddfef7d0836b8261af5718523dc86a4779fd.exe
    "C:\Users\Admin\AppData\Local\Temp\ab868abad78b55bfcf21179d4d9fddfef7d0836b8261af5718523dc86a4779fd.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:1572

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads