Analysis

  • max time kernel
    146s
  • max time network
    132s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags
    arch:x64, arch:x86, image:win10v2004-20220901-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    07/12/2022, 02:11 UTC

General

  • Target

    dc71bc7c88b056bc547d90f47256e2267ba14cecb6e839e280e89e6f2cc88114.exe

  • Size

    578KB

  • MD5

    caa5ccce7f05591b538ea3110d9f9148

  • SHA1

    b031b0a0bf2094747972003bb2ee00ffabea534e

  • SHA256

    dc71bc7c88b056bc547d90f47256e2267ba14cecb6e839e280e89e6f2cc88114

  • SHA512

    6353c971f87c6ac80e6ff12b30259d37da36906175a2493f2a940382890440b269e3f790f2b40b1056ae56f5d91d05f0b10c2666ce72dabadcc418e0047a488b

  • SSDEEP

    12288:le8o8ghasuPeU5KQUxAAWS0yO+Dqwq1Bi:lvoTEX5cwHD1B

Score
7/10

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\dc71bc7c88b056bc547d90f47256e2267ba14cecb6e839e280e89e6f2cc88114.exe
    "C:\Users\Admin\AppData\Local\Temp\dc71bc7c88b056bc547d90f47256e2267ba14cecb6e839e280e89e6f2cc88114.exe"
    PID:5032
    • C:\Windows\system32\pacjsworker.exe
      C:\Windows\system32\pacjsworker.exe 92ffc58d-7abc-42d3-a1a5-3447a8cb834a 8473b049-acf5-4333-be26-66ee0b0a69ef
      PID:3632
      • C:\Windows\system32\pacjsworker.exe
        C:\Windows\system32\pacjsworker.exe c5ad8ec7-1eda-4df5-a626-8d932fc67152 8473b049-acf5-4333-be26-66ee0b0a69ef
        PID:2664

Network

  • flag-unknown
    GET http://187.109.161.135/true.dat
    Remote address: 187.109.161.135:80
    Request
    GET /true.dat HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: WinHttp-Autoproxy-Service/5.1
    Host: 187.109.161.135
    Response
    HTTP/1.1 200 OK
    Content-Type:text/html
    Pragma:no-cache
    Cache-control:no-cache, no-store, max-age=0
    Transfer-Encoding:chunked
    X-Frame-Options:SAMEORIGIN
    Connection:Keep-Alive
  • 93.184.220.29:80
    322 B, 7
  • 187.109.161.135:80
    http://187.109.161.135/true.dat
    http
    359 B, 1.0kB, 5, 5
    HTTP Request
    GET http://187.109.161.135/true.dat
    HTTP Response
    200
  • 20.42.73.24:443
    322 B, 7
  • 178.79.208.1:80
    322 B, 7
  • 104.80.225.205:443
    322 B, 7
MITRE ATT&CK Enterprise v6
