Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
180s -
max time network
189s -
platform
windows10-2004_x64 -
resource
win10v2004-20221111-en -
resource tags
-
submitted
01/12/2022, 09:39 UTC
General
-
Target
8238bdbe524d37f238a4d9947afbee11d3ed70872261e6100efe425e4cedc125.exe
-
Size
643KB
-
MD5
202b5823dad33e398ab33c9faa4bb030
-
SHA1
6eeb65a8a427d198a25e8ccd63553b355893d36f
-
SHA256
8238bdbe524d37f238a4d9947afbee11d3ed70872261e6100efe425e4cedc125
-
SHA512
33e6ca0ae3a5a89f7520211659e9f7d498b7822de37f25d9a61dc71239422a380dba131c75b6326ff2b3822245950ac348f224dd5416eada1afea24768fb5299
-
SSDEEP
12288:3tQtpScpVpJgLa0qo158PCCFTFBkmzUJjyKEE9Sk2VWdh:9SpScpf0RECC5WFJnL
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\8238bdbe524d37f238a4d9947afbee11d3ed70872261e6100efe425e4cedc125.exe"C:\Users\Admin\AppData\Local\Temp\8238bdbe524d37f238a4d9947afbee11d3ed70872261e6100efe425e4cedc125.exe"1⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 4636 -s 5162⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 372 -p 4636 -ip 46361⤵
Network
-
DNS97.97.242.52.in-addr.arpaRemote address:8.8.8.8:53Request97.97.242.52.in-addr.arpaIN PTRResponse -
DNSd.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.3.0.0.0.5.0.8.0.0.3.0.1.3.0.6.2.ip6.arpaRemote address:8.8.8.8:53Requestd.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.3.0.0.0.5.0.8.0.0.3.0.1.3.0.6.2.ip6.arpaIN PTRResponse
-
209.197.3.8:80
-
72.21.81.240:80
-
72.21.81.240:80
-
72.21.81.240:80
-
72.21.81.240:80
-
52.242.97.97:443
-
104.80.225.205:443
-
72.21.81.240:80
-
72.21.81.240:80
-
8.8.8.8:5397.97.242.52.in-addr.arpadns
DNS Request
97.97.242.52.in-addr.arpa
-
8.8.8.8:53d.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.3.0.0.0.5.0.8.0.0.3.0.1.3.0.6.2.ip6.arpadns
DNS Request
d.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.3.0.0.0.5.0.8.0.0.3.0.1.3.0.6.2.ip6.arpa
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
336KB