Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

179fbc53f6...ac.exe

windows7-x64

10

179fbc53f6...ac.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    161s
  • max time network
    167s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    27/11/2022, 16:38 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    179fbc53f6ab40e3321fbf6159bdd60ab10ddb5ac0f1ba19cd90bfe6c0767bac.exe

  • Size

    551KB

  • MD5

    b82c97dfad269ef67ee3a5584e2c078e

  • SHA1

    fc9d381c2bcff5a8fbcffe787853574c7eac1913

  • SHA256

    179fbc53f6ab40e3321fbf6159bdd60ab10ddb5ac0f1ba19cd90bfe6c0767bac

  • SHA512

    717d731c1702bcea3c2c56bdcbfbf90e75ddd036f981eb9b6388f0bdec104374ccce754a56d432aa8fa33711bb04b5433cce5c1303ff75659a7c918600aa520a

  • SSDEEP

    12288:ORU3yGnKsPPd6cWbCFZczr6Tw/9XPhBOf/z+4osa08CGJh0tBbE:ORmy3sd6TmFeCTwFZr48L0vb

Score
10/10
imminentpersistencespywaretrojan

Malware Config

Signatures

  • Imminent RAT

    Remote-access trojan based on Imminent Monitor remote admin software.

    trojanspywareimminent
  • Adds Run key to start application 2 TTPs 2 IoCs
    persistence
  • Drops desktop.ini file(s) 2 IoCs
  • Drops file in Windows directory 3 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\179fbc53f6ab40e3321fbf6159bdd60ab10ddb5ac0f1ba19cd90bfe6c0767bac.exe
    "C:\Users\Admin\AppData\Local\Temp\179fbc53f6ab40e3321fbf6159bdd60ab10ddb5ac0f1ba19cd90bfe6c0767bac.exe"
    1⤵
    • Adds Run key to start application
    • Drops desktop.ini file(s)
    • Drops file in Windows directory
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:428

Network

    No results found
  • 20.42.65.85:443
    322 B
     7
  • 104.80.225.205:443
    322 B
     7
  • 95.101.78.106:80
    322 B
     7
  • 87.248.202.1:80
    322 B
     7
  • 87.248.202.1:80
    322 B
     7
  • 91.236.116.117:1337
    179fbc53f6ab40e3321fbf6159bdd60ab10ddb5ac0f1ba19cd90bfe6c0767bac.exe
    260 B
     200 B
     5
    5
  • 91.236.116.117:1337
    179fbc53f6ab40e3321fbf6159bdd60ab10ddb5ac0f1ba19cd90bfe6c0767bac.exe
    260 B
     200 B
     5
    5
  • 91.236.116.117:1337
    179fbc53f6ab40e3321fbf6159bdd60ab10ddb5ac0f1ba19cd90bfe6c0767bac.exe
    260 B
     200 B
     5
    5
  • 91.236.116.117:1337
    179fbc53f6ab40e3321fbf6159bdd60ab10ddb5ac0f1ba19cd90bfe6c0767bac.exe
    260 B
     200 B
     5
    5
  • 91.236.116.117:1337
    179fbc53f6ab40e3321fbf6159bdd60ab10ddb5ac0f1ba19cd90bfe6c0767bac.exe
    260 B
     200 B
     5
    5
  • 91.236.116.117:1337
    179fbc53f6ab40e3321fbf6159bdd60ab10ddb5ac0f1ba19cd90bfe6c0767bac.exe
    260 B
     200 B
     5
    5
  • 91.236.116.117:1337
    179fbc53f6ab40e3321fbf6159bdd60ab10ddb5ac0f1ba19cd90bfe6c0767bac.exe
    260 B
     200 B
     5
    5
  • 91.236.116.117:1337
    179fbc53f6ab40e3321fbf6159bdd60ab10ddb5ac0f1ba19cd90bfe6c0767bac.exe
    260 B
     200 B
     5
    5
  • 91.236.116.117:1337
    179fbc53f6ab40e3321fbf6159bdd60ab10ddb5ac0f1ba19cd90bfe6c0767bac.exe
    260 B
     200 B
     5
    5
  • 91.236.116.117:1337
    179fbc53f6ab40e3321fbf6159bdd60ab10ddb5ac0f1ba19cd90bfe6c0767bac.exe
    260 B
     200 B
     5
    5
  • 91.236.116.117:1337
    179fbc53f6ab40e3321fbf6159bdd60ab10ddb5ac0f1ba19cd90bfe6c0767bac.exe
    260 B
     200 B
     5
    5
  • 91.236.116.117:1337
    179fbc53f6ab40e3321fbf6159bdd60ab10ddb5ac0f1ba19cd90bfe6c0767bac.exe
    260 B
     200 B
     5
    5
  • 91.236.116.117:1337
    179fbc53f6ab40e3321fbf6159bdd60ab10ddb5ac0f1ba19cd90bfe6c0767bac.exe
    260 B
     200 B
     5
    5
  • 91.236.116.117:1337
    179fbc53f6ab40e3321fbf6159bdd60ab10ddb5ac0f1ba19cd90bfe6c0767bac.exe
    260 B
     200 B
     5
    5
  • 91.236.116.117:1337
    179fbc53f6ab40e3321fbf6159bdd60ab10ddb5ac0f1ba19cd90bfe6c0767bac.exe
    260 B
     200 B
     5
    5
  • 91.236.116.117:1337
    179fbc53f6ab40e3321fbf6159bdd60ab10ddb5ac0f1ba19cd90bfe6c0767bac.exe
    260 B
     200 B
     5
    5
  • 91.236.116.117:1337
    179fbc53f6ab40e3321fbf6159bdd60ab10ddb5ac0f1ba19cd90bfe6c0767bac.exe
    260 B
     200 B
     5
    5
  • 91.236.116.117:1337
    179fbc53f6ab40e3321fbf6159bdd60ab10ddb5ac0f1ba19cd90bfe6c0767bac.exe
    260 B
     200 B
     5
    5
  • 91.236.116.117:1337
    179fbc53f6ab40e3321fbf6159bdd60ab10ddb5ac0f1ba19cd90bfe6c0767bac.exe
    260 B
     200 B
     5
    5
  • 91.236.116.117:1337
    179fbc53f6ab40e3321fbf6159bdd60ab10ddb5ac0f1ba19cd90bfe6c0767bac.exe
    260 B
     200 B
     5
    5
  • 91.236.116.117:1337
    179fbc53f6ab40e3321fbf6159bdd60ab10ddb5ac0f1ba19cd90bfe6c0767bac.exe
    260 B
     200 B
     5
    5
  • 91.236.116.117:1337
    179fbc53f6ab40e3321fbf6159bdd60ab10ddb5ac0f1ba19cd90bfe6c0767bac.exe
    260 B
     200 B
     5
    5
  • 91.236.116.117:1337
    179fbc53f6ab40e3321fbf6159bdd60ab10ddb5ac0f1ba19cd90bfe6c0767bac.exe
    260 B
     200 B
     5
    5
  • 91.236.116.117:1337
    179fbc53f6ab40e3321fbf6159bdd60ab10ddb5ac0f1ba19cd90bfe6c0767bac.exe
    260 B
     200 B
     5
    5
  • 91.236.116.117:1337
    179fbc53f6ab40e3321fbf6159bdd60ab10ddb5ac0f1ba19cd90bfe6c0767bac.exe
    260 B
     200 B
     5
    5
  • 91.236.116.117:1337
    179fbc53f6ab40e3321fbf6159bdd60ab10ddb5ac0f1ba19cd90bfe6c0767bac.exe
    260 B
     200 B
     5
    5
  • 91.236.116.117:1337
    179fbc53f6ab40e3321fbf6159bdd60ab10ddb5ac0f1ba19cd90bfe6c0767bac.exe
    260 B
     200 B
     5
    5
  • 91.236.116.117:1337
    179fbc53f6ab40e3321fbf6159bdd60ab10ddb5ac0f1ba19cd90bfe6c0767bac.exe
    208 B
     160 B
     4
    4
No results found

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/428-132-0x00000000752E0000-0x0000000075891000-memory.dmp

    Filesize

    5.7MB

    Download

  • memory/428-133-0x00000000752E0000-0x0000000075891000-memory.dmp

    Filesize

    5.7MB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.