Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

60aa630570...28.exe

windows7-x64

8

60aa630570...28.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    174s
  • max time network
    180s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01/12/2022, 04:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    60aa630570f16fcc82c810e1f01a628e58f0b15676924eea961857522016ee28.exe

  • Size

    1.1MB

  • MD5

    9653c1941f4b960e212e85d4a9344fa6

  • SHA1

    e5c529c2ff1b2d6daccaca597bbf861a2f572f03

  • SHA256

    60aa630570f16fcc82c810e1f01a628e58f0b15676924eea961857522016ee28

  • SHA512

    7b1ff2a2b454e9d2def8ea36816d4b57c61c8c663e2a7effb4830006cbf15b46c58109dc3909d9828c685854e5f69aa216a2b484b697bd1b36f84401a314471d

  • SSDEEP

    24576:8MWCpLRV+azG9CrWfvPf1G/tElmPEy+bDQfCxHT2:5pLr+oAkEKSi

Score
8/10
discoverypersistencespywarestealerupx

Malware Config

Signatures

  • UPX packed file 3 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer
  • Adds Run key to start application 2 TTPs 2 IoCs
    persistence
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 4 IoCs
    adwarespyware

Processes

  • C:\Users\Admin\AppData\Local\Temp\60aa630570f16fcc82c810e1f01a628e58f0b15676924eea961857522016ee28.exe
    "C:\Users\Admin\AppData\Local\Temp\60aa630570f16fcc82c810e1f01a628e58f0b15676924eea961857522016ee28.exe"
    1⤵
    • Adds Run key to start application
    • Modifies Internet Explorer settings
    PID:4960

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4960-133-0x0000000000400000-0x00000000006CB000-memory.dmp

    Filesize

    2.8MB

    Download

  • memory/4960-134-0x0000000000400000-0x00000000006CB000-memory.dmp

    Filesize

    2.8MB

    Download

  • memory/4960-136-0x0000000000400000-0x00000000006CB000-memory.dmp

    Filesize

    2.8MB

    Download

  • memory/4960-137-0x0000000000400000-0x00000000006CB000-memory.dmp

    Filesize

    2.8MB

    Download