Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
135s -
max time network
152s -
platform
windows10-2004_x64 -
resource
win10v2004-20230220-en -
resource tags
arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system -
submitted
02/05/2023, 09:28
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
57d15a6f866ced075bc300b1e2c37165.exe
Resource
win7-20230220-en
3 signatures
150 seconds
Behavioral task
behavioral2
Sample
57d15a6f866ced075bc300b1e2c37165.exe
Resource
win10v2004-20230220-en
3 signatures
150 seconds
General
-
Target
57d15a6f866ced075bc300b1e2c37165.exe
-
Size
255KB
-
MD5
57d15a6f866ced075bc300b1e2c37165
-
SHA1
145479399c23aabcf01caaa3c9f6356746288e25
-
SHA256
c084e334c31cf636666e63fbff0d155fcb10cb813f21e5c262eb21530c4c1755
-
SHA512
28d45792e0f5cf819fc2a362167c2f1ab83cf5256a857f38d904d5ec26095b5c7718d2c8b913296aa809a03ee2a7b43d5e372defb2c9bf67feb3e97a0794e0a9
-
SSDEEP
1536:VuSmgtPAEzzeUkTVs8QbNFsCqThVaNj0XbK4ka87:VuS9AEzzeUkhs9FshThp07
Score
6/10
Malware Config
Signatures
-
Legitimate hosting services abused for malware hosting/C2 1 TTPs
-
Suspicious behavior: EnumeratesProcesses 1 IoCs
pid Process 3520 57d15a6f866ced075bc300b1e2c37165.exe -
Suspicious use of AdjustPrivilegeToken 1 IoCs
description pid Process Token: SeDebugPrivilege 3520 57d15a6f866ced075bc300b1e2c37165.exe