Analysis

  • max time kernel
    148s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20221111-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    06/01/2023, 07:44 UTC

General

  • Target

    49d80ace4f7f63213b65aad185d0b466b3545c604c13256af86c861a8ccd7314.exe

  • Size

    384KB

  • MD5

    d9f3c2b67f40d203ba84917373aa35ba

  • SHA1

    7b3512fd9398f53b880813d549ffec4c3517a4ef

  • SHA256

    49d80ace4f7f63213b65aad185d0b466b3545c604c13256af86c861a8ccd7314

  • SHA512

    875c836420eddd22a253275cf6440667f88b6bd5d8c1866bfd8af0340c7c0c0e34124caa940f255c503adfc2ec6b2981c53e0bc94e6a20078cd49826173999ef

  • SSDEEP

    6144:vZ5o1x3qYyUovIYFJzcBnZ1aa3ChohfavF454IZCGrZ:vzoPbyIYF2BnZkho16ccGrZ

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\49d80ace4f7f63213b65aad185d0b466b3545c604c13256af86c861a8ccd7314.exe
    "C:\Users\Admin\AppData\Local\Temp\49d80ace4f7f63213b65aad185d0b466b3545c604c13256af86c861a8ccd7314.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:5000
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 5000 -s 160
      2⤵
      • Program crash
      PID:2304
  • C:\Windows\system32\WerFault.exe
    C:\Windows\system32\WerFault.exe -pss -s 408 -p 5000 -ip 5000
    1⤵
      PID:3040

    Network

    • flag-unknown
      DNS
      226.101.242.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      226.101.242.52.in-addr.arpa
      IN PTR
      Response
    • 93.184.220.29:80
      260 B
      5
    • 178.79.208.1:80
      322 B
      7
    • 93.184.220.29:80
      322 B
      7
    • 178.79.208.1:80
      322 B
      7
    • 40.79.189.59:443
      322 B
      7
    • 8.8.8.8:53
      226.101.242.52.in-addr.arpa
      dns
      73 B
      147 B
      1
      1

      DNS Request

      226.101.242.52.in-addr.arpa

    MITRE ATT&CK Matrix
