Analysis

  • max time kernel
    151s
  • max time network
    157s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags
    arch:x64, arch:x86, image:win7-20221111-en, locale:en-us, os:windows7-x64, system
  • submitted
    27/11/2022, 04:38 UTC

General

  • Target

    eda19fdbb4cce64e83405258ee10345bba2ac4933f85d59bd6f72a068c80b3f5.exe

  • Size

    424KB

  • MD5

    f4ed6c6262dd6ac95c687dfbbe46a6cb

  • SHA1

    349c4cd93aa29122c1ec1c2253f88d19e829804c

  • SHA256

    eda19fdbb4cce64e83405258ee10345bba2ac4933f85d59bd6f72a068c80b3f5

  • SHA512

    69ec0d2438b720b04916ab2c404986c264b4483392191f3d11136e8908308738aa6c60c961fd187099f6073e92ab6a6c735312bb9a1d5a897b75c36d24893c1b

  • SSDEEP

    12288:UgskUuDR24+5jrAqG6orxTDyRBxA6wr90:SnSb+drAqE9kBxw

Score
6/10

Malware Config

Signatures

  • Checks whether UAC is enabled 1 TTPs 1 IoCs
  • Drops file in Windows directory 2 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

Processes

  • C:\Users\Admin\AppData\Local\Temp\eda19fdbb4cce64e83405258ee10345bba2ac4933f85d59bd6f72a068c80b3f5.exe
    "C:\Users\Admin\AppData\Local\Temp\eda19fdbb4cce64e83405258ee10345bba2ac4933f85d59bd6f72a068c80b3f5.exe"
    1⤵
    • Checks whether UAC is enabled
    • Drops file in Windows directory
    PID:856

Network

  • 187.45.186.75:80
    eda19fdbb4cce64e83405258ee10345bba2ac4933f85d59bd6f72a068c80b3f5.exe
    152 B
    3
  • 187.45.186.75:80
    eda19fdbb4cce64e83405258ee10345bba2ac4933f85d59bd6f72a068c80b3f5.exe
    152 B
    3
  • 187.45.186.75:80
    eda19fdbb4cce64e83405258ee10345bba2ac4933f85d59bd6f72a068c80b3f5.exe
    152 B
    3
  • 187.45.186.75:80
    eda19fdbb4cce64e83405258ee10345bba2ac4933f85d59bd6f72a068c80b3f5.exe
    152 B
    3
  • 187.45.186.75:80
    eda19fdbb4cce64e83405258ee10345bba2ac4933f85d59bd6f72a068c80b3f5.exe
    152 B
    3
  • 187.45.186.75:80
    eda19fdbb4cce64e83405258ee10345bba2ac4933f85d59bd6f72a068c80b3f5.exe
    52 B
    1

MITRE ATT&CK Enterprise v6

Downloads

  • memory/856-54-0x0000000075C11000-0x0000000075C13000-memory.dmp

    Filesize

    8KB
