Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
197s -
max time network
241s -
platform
windows10-2004_x64 -
resource
win10v2004-20221111-en -
resource tags
-
submitted
03/12/2022, 13:03
General
-
Target
cb63d8b56e7dfcaa5cc7a9940b6380b513e85ab6b8ea6cbb6e737eb37b1c98d2.exe
-
Size
97KB
-
MD5
1a5cd6ad7e4f37fd542964a50601aef5
-
SHA1
908c57eed3dd5f192152546484f4bf799cad05d5
-
SHA256
cb63d8b56e7dfcaa5cc7a9940b6380b513e85ab6b8ea6cbb6e737eb37b1c98d2
-
SHA512
de31bfe5334a30a714fd696681c977bf50b1bd29c97d12a408f22be9ce917311fd986783f505e02e424a02a37d8785caa17de81b428d05122eb55478bb584ce6
-
SSDEEP
1536:s9XfGxKjqArOgFm7BYUfng9fMGQkINB1Eq:UXO2qwWZnkfIkIWq
Malware Config
Signatures
-
Ramnit
Ramnit is a versatile family that holds viruses, worms, and Trojans.
-
UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Loads dropped DLL 1 IoCs
-
Program crash 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\cb63d8b56e7dfcaa5cc7a9940b6380b513e85ab6b8ea6cbb6e737eb37b1c98d2.exe"C:\Users\Admin\AppData\Local\Temp\cb63d8b56e7dfcaa5cc7a9940b6380b513e85ab6b8ea6cbb6e737eb37b1c98d2.exe"1⤵
- Loads dropped DLL
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 1760 -s 4682⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 444 -p 1760 -ip 17601⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
1.6MB
MD54f3387277ccbd6d1f21ac5c07fe4ca68
SHA1e16506f662dc92023bf82def1d621497c8ab5890
SHA256767a3fc4a7a6818cdc3f0b99aaa95db694f6bcde719d2057a88b3d4df3d74fac
SHA5129da199ac69e3c0d4e0c6307e0ab8178f12cc25cb2f14c3511f6b64e6e60a925c860f3263cb38353a97b55a71ef4d27f8cb7fa3cfc08e7c1a349fd8d209dfa219
-
Filesize
132KB
-
Filesize
488KB
-
Filesize
1.6MB
-
Filesize
488KB