Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
67s -
max time network
132s -
platform
windows10-2004_x64 -
resource
win10v2004-20220901-en -
resource tags
-
submitted
04/12/2022, 06:57
General
-
Target
f921569d063d56faf6b0d2c889d10121b0ac2b02956751c3d26772f932b9223f.exe
-
Size
25KB
-
MD5
e6d6d6c252ecd0ad8aa15e2d0cf9d375
-
SHA1
72e3c95a6e0ff807af32b801f3ccd03a7df2d60f
-
SHA256
f921569d063d56faf6b0d2c889d10121b0ac2b02956751c3d26772f932b9223f
-
SHA512
170f5452077714e8b6964cdbf59d99f7944aac38cebc6ce2c8c25cce2a4051eb777be4f4168b0ed53e3371a6bb519ef5a78ec2ade1300339aa42b8b68484c286
-
SSDEEP
384:dKbvmnaBDdhbKg5Eeq69WJs+5OQI5Voy4Ghh44WieZWiwG:dKqcJ5KEjDWJJ5OQs2yvhh7eYG
Score
3/10
Malware Config
Signatures
-
Program crash 2 IoCs
-
Suspicious behavior: EnumeratesProcesses 2 IoCs
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\f921569d063d56faf6b0d2c889d10121b0ac2b02956751c3d26772f932b9223f.exe"C:\Users\Admin\AppData\Local\Temp\f921569d063d56faf6b0d2c889d10121b0ac2b02956751c3d26772f932b9223f.exe"1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 4828 -s 572202⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 4828 -s 572282⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 4828 -ip 48281⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 504 -p 4828 -ip 48281⤵