Analysis

  • max time kernel
    90s
  • max time network
    157s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20220901-en locale:en-us os:windows10-2004-x64 system
  • submitted
    06/12/2022, 14:56

General

  • Target

    86933c5442e64c61f34fa19dbac30a614f53bdff8246631726c5cf3fc0ecc188.exe

  • Size

    3KB

  • MD5

    358af658a036152d60fa691d3bd7791b

  • SHA1

    bcb0b347d06c81fa3250a6df65e35205a579e8ed

  • SHA256

    86933c5442e64c61f34fa19dbac30a614f53bdff8246631726c5cf3fc0ecc188

  • SHA512

    711c1884d8143d20a38ce5b1c7c788549f6802eff75c4ba6c4badd3b5caae7629fe502a7b79b5e2665a4c6afea6cfb7a547633d121548944bcc795aa02e56039

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\86933c5442e64c61f34fa19dbac30a614f53bdff8246631726c5cf3fc0ecc188.exe
    "C:\Users\Admin\AppData\Local\Temp\86933c5442e64c61f34fa19dbac30a614f53bdff8246631726c5cf3fc0ecc188.exe"
      PID:1376
    • C:\Windows\system32\svchost.exe
      C:\Windows\system32\svchost.exe -k netsvcs -p -s seclogon
      • Suspicious use of AdjustPrivilegeToken
      PID:4760
