Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

8

abb5e9871e...74.exe

windows7-x64

8

abb5e9871e...74.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    97s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    02/12/2022, 23:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    abb5e9871ef124483242f70f95d508b1f04e9927ed6b2cae2934ea53e9e1e274.exe

  • Size

    99KB

  • MD5

    3ff6da2b7dd18054585844701d82ac7e

  • SHA1

    f71ef8e5c74cd9b730ca389e331393916d137ab6

  • SHA256

    abb5e9871ef124483242f70f95d508b1f04e9927ed6b2cae2934ea53e9e1e274

  • SHA512

    0ff0770b6752270dec8d1e6f87701a395399db6fb06fc4500b8fefb4f893b4524a82eba494f555166d445d72e63e5c8557a8dc37a60341bd420ec9328f6c1829

  • SSDEEP

    3072:Awi089AvUB1LZPE1AAQvCTjE/j15AY41C:M0wB1LlyVb+15AYF

Score
8/10
upx

Malware Config

Signatures

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Program crash 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\abb5e9871ef124483242f70f95d508b1f04e9927ed6b2cae2934ea53e9e1e274.exe
    "C:\Users\Admin\AppData\Local\Temp\abb5e9871ef124483242f70f95d508b1f04e9927ed6b2cae2934ea53e9e1e274.exe"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    PID:4908
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 4908 -s 516
      2⤵
      • Program crash
      PID:628
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 460 -p 4908 -ip 4908
    1⤵
      PID:1500

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4908-132-0x0000000000400000-0x0000000000440000-memory.dmp

      Filesize

      256KB

      Download

    • memory/4908-134-0x0000000000400000-0x0000000000417000-memory.dmp

      Filesize

      92KB

      Download

    • memory/4908-137-0x0000000000400000-0x0000000000440000-memory.dmp

      Filesize

      256KB

      Download

    • memory/4908-138-0x0000000000400000-0x0000000000417000-memory.dmp

      Filesize

      92KB

      Download