Analysis

  • max time kernel
    177s
  • max time network
    215s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20221111-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    28/11/2022, 05:44

General

  • Target

    2080af52140000c55f9abfdbc39ef6ca89aa0c9004b9a941f1fd7e5dad0c3e11.exe

  • Size

    973KB

  • MD5

    4d7e00dc15d450802b1d42adc791169f

  • SHA1

    73278517c1f6e3f4b4e8d253cd0f357ad8484608

  • SHA256

    2080af52140000c55f9abfdbc39ef6ca89aa0c9004b9a941f1fd7e5dad0c3e11

  • SHA512

    78082c93ed4eb8a7b28490a3b966845cdfb29cab22795092fdd7d3045ea999b1fca350016eb97ecf00e9958c03f9f5f4820b31d24617bf5f450e861009ccdc41

  • SSDEEP

    24576:K+wU+0GRJBMyaosJdRnPUKGh6qltQpoRGbkZMA0uSrrg7wH5:IR0GRJ5RsBPUKGhtQugkZOEa5

Score
7/10

Malware Config

Signatures

  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2080af52140000c55f9abfdbc39ef6ca89aa0c9004b9a941f1fd7e5dad0c3e11.exe
    "C:\Users\Admin\AppData\Local\Temp\2080af52140000c55f9abfdbc39ef6ca89aa0c9004b9a941f1fd7e5dad0c3e11.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:2116

Network

MITRE ATT&CK Enterprise v6
