Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
88s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20221111-en -
resource tags
-
submitted
15/02/2023, 01:24
General
-
Target
CustomRP.1.17.2.exe
-
Size
4.9MB
-
MD5
20f3a68ce8ef5c34c82389855b3a4d77
-
SHA1
d2d60c295a298f44ce13bb98765b9180c272cb16
-
SHA256
f98167f2d64fec953dbd3161325428f157e02a43eab5e4bb2aa2c40575fc118c
-
SHA512
c21a4a549f7339542fae554709bbcb48b26d2a974c23e82cc76aac8df8ed4908d1940cfd1ea7d3a85b1f4dfc661485aa47cbf4f9931766ae14174d6c784a4070
-
SSDEEP
98304:AkLX56QgB7Fy3dYWKOldTejCpL3ZU1tVu1pRG49a301cCBL:fX56/B7Fk2+CRy849a3ZCBL
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\CustomRP.1.17.2.exe"C:\Users\Admin\AppData\Local\Temp\CustomRP.1.17.2.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\is-3HVJ8.tmp\CustomRP.1.17.2.tmp"C:\Users\Admin\AppData\Local\Temp\is-3HVJ8.tmp\CustomRP.1.17.2.tmp" /SL5="$C01CA,4039170,1081856,C:\Users\Admin\AppData\Local\Temp\CustomRP.1.17.2.exe"2⤵
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3.3MB
MD53747b02515153a99a7b2502a33fd2ca3
SHA17fd85eed092f41ee06ff1cc27c30290450cd487f
SHA256b9ba492fa0beec11cb1fc09db2241b53d7cd7a402d9c12ce05677f584eeb0011
SHA512f85fbd4f30f6c67362a0876d5b28480a6ff1d6427be1f8c2ec0150e998f9138fcfbda61da59f9dac6b7acef09f46e446e391880b25e290c6b408c277e17ed879
-
Filesize
1.1MB
-
Filesize
1.1MB
-
Filesize
1.1MB