Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

tmp.exe

windows7-x64

1

tmp.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    13/05/2023, 20:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    tmp.exe

  • Size

    4.4MB

  • MD5

    11a9f299aebd45ea2eb9d0f95f735f95

  • SHA1

    b8233d67e3d4ae347a4816096fae7ac286645b36

  • SHA256

    81c20573a8c17279842d8f85653ad1f96f512ea6f888584fcd9e87792583b9eb

  • SHA512

    f9a25a0a32814ba77f258d256cc8946ba510396cb8c3ef20a3c39c27ddf788a1e80345f9689d858b47091a0e0bfc54f8be796b174aa4473d829fa8565070a7e1

  • SSDEEP

    98304:fTZKn7rT4opTW0Tglb+678JGIFLhLpPLazXY1k:7ZX0TGb+67OLhLFmzXYy

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: LoadsDriver 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\tmp.exe
    "C:\Users\Admin\AppData\Local\Temp\tmp.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:4556

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4556-133-0x00000226237E0000-0x0000022623800000-memory.dmp

    Filesize

    128KB

    Download

  • memory/4556-134-0x0000022623810000-0x0000022623850000-memory.dmp

    Filesize

    256KB

    Download

  • memory/4556-136-0x0000022623870000-0x0000022623890000-memory.dmp

    Filesize

    128KB

    Download

  • memory/4556-135-0x0000022623850000-0x0000022623870000-memory.dmp

    Filesize

    128KB

    Download

  • memory/4556-137-0x0000022623850000-0x0000022623870000-memory.dmp

    Filesize

    128KB

    Download

  • memory/4556-138-0x0000022623870000-0x0000022623890000-memory.dmp

    Filesize

    128KB

    Download