Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    39s
  • max time network
    146s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230621-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230621-enlocale:en-usos:windows10-2004-x64system
  • submitted
    03/07/2023, 11:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    file.exe

  • Size

    347KB

  • MD5

    b4e676bbca0000cfb22d1dc7546cc35c

  • SHA1

    55334b6eb0a6708f8b088003a392ae7ac9744ac0

  • SHA256

    eb5bd3825785063d9fda32333f634734a8a4a38be91bcff54337d4fa86e732d9

  • SHA512

    7e10f54c7fa3fe8f336a21e0e2b624f974640736da3e0d71abcbb46b31c585cd3c5004ac3a88d1a711cb6a2e8c17e92956ea850273f7d8ec87f1410dbb511a2f

  • SSDEEP

    3072:vPkhfwlvtgS/+9JlIDNB+ZAhdJ4RDWW2Ma78MZdHBlqnUSoyKAFO5WyyMW0K7FDZ:0TS/+9rCyR+N7XHBlqnxVO5WNfDV1D

Score
7/10
discoveryspywarestealer

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\file.exe
    "C:\Users\Admin\AppData\Local\Temp\file.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:3348
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 3348 -s 1672
      2⤵
      • Program crash
      PID:3716
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 416 -p 3348 -ip 3348
    1⤵
      PID:3304

    Network

    MITRE ATT&CK Enterprise v6

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3348-134-0x00000000062E0000-0x0000000006884000-memory.dmp

      Filesize

      5.6MB

      Download

    • memory/3348-135-0x0000000001FD0000-0x000000000200F000-memory.dmp

      Filesize

      252KB

      Download

    • memory/3348-137-0x00000000062D0000-0x00000000062E0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/3348-136-0x00000000062D0000-0x00000000062E0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/3348-138-0x00000000062D0000-0x00000000062E0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/3348-139-0x0000000006A90000-0x00000000070A8000-memory.dmp

      Filesize

      6.1MB

      Download

    • memory/3348-140-0x00000000070B0000-0x00000000071BA000-memory.dmp

      Filesize

      1.0MB

      Download

    • memory/3348-141-0x0000000006260000-0x0000000006272000-memory.dmp

      Filesize

      72KB

      Download

    • memory/3348-143-0x0000000006280000-0x00000000062BC000-memory.dmp

      Filesize

      240KB

      Download

    • memory/3348-142-0x00000000062D0000-0x00000000062E0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/3348-144-0x0000000007470000-0x00000000074E6000-memory.dmp

      Filesize

      472KB

      Download

    • memory/3348-145-0x00000000074F0000-0x0000000007582000-memory.dmp

      Filesize

      584KB

      Download

    • memory/3348-146-0x0000000007590000-0x00000000075F6000-memory.dmp

      Filesize

      408KB

      Download

    • memory/3348-147-0x0000000000400000-0x0000000001B59000-memory.dmp

      Filesize

      23.3MB

      Download

    • memory/3348-148-0x00000000062D0000-0x00000000062E0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/3348-149-0x00000000062D0000-0x00000000062E0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/3348-150-0x00000000062D0000-0x00000000062E0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/3348-151-0x0000000007FC0000-0x0000000008182000-memory.dmp

      Filesize

      1.8MB

      Download

    • memory/3348-152-0x0000000008190000-0x00000000086BC000-memory.dmp

      Filesize

      5.2MB

      Download

    • memory/3348-153-0x00000000062D0000-0x00000000062E0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/3348-154-0x0000000008DD0000-0x0000000008E20000-memory.dmp

      Filesize

      320KB

      Download

    • memory/3348-156-0x0000000000400000-0x0000000001B59000-memory.dmp

      Filesize

      23.3MB

      Download