Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
110s -
max time network
157s -
platform
windows10-2004_x64 -
resource
win10v2004-20220812-en -
resource tags
-
submitted
29/11/2022, 03:58 UTC
General
-
Target
7675116633f92df316276dbdfdbf5b4dbe3796f4b8e36e64ca98efd509afa8a9.exe
-
Size
863KB
-
MD5
2fcfd03fdb1347c6c16028902c734a17
-
SHA1
b11161fe1a817660ad93348e0c8a5abc532501a2
-
SHA256
7675116633f92df316276dbdfdbf5b4dbe3796f4b8e36e64ca98efd509afa8a9
-
SHA512
3d3579f8d8bae5a9b178edccd13a5807a547c056b8f5c756b850a48c97e9d44361041eaec99d2ddbed6b9d7b741e2b5d0866bdd442b0a7eb2b180ba795414280
-
SSDEEP
24576:ZC1yaLpk7rPO376zHiA6nz/0xDpQiNSbo8zfxg:ZChCrPO376zHiA6jUD+iMboo
Score
1/10
Malware Config
Signatures
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\7675116633f92df316276dbdfdbf5b4dbe3796f4b8e36e64ca98efd509afa8a9.exe"C:\Users\Admin\AppData\Local\Temp\7675116633f92df316276dbdfdbf5b4dbe3796f4b8e36e64ca98efd509afa8a9.exe"1⤵
- Suspicious use of AdjustPrivilegeToken
Network
-
DNS106.89.54.20.in-addr.arpaRemote address:8.8.8.8:53Request106.89.54.20.in-addr.arpaIN PTRResponse
-
209.197.3.8:80
-
8.249.91.254:80
-
13.89.178.27:443
-
104.80.225.205:443
-
209.197.3.8:80
-
93.184.220.29:80
-
8.249.91.254:80
-
8.249.91.254:80
-
8.249.91.254:80
-
93.184.221.240:80
-
8.8.8.8:53106.89.54.20.in-addr.arpadns
DNS Request
106.89.54.20.in-addr.arpa