Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

c9966d3b55...in.exe

windows7-x64

7

c9966d3b55...in.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    62s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    22/07/2023, 12:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c9966d3b55a424cc510cd22af8015679.bin.exe

  • Size

    1.8MB

  • MD5

    c9966d3b55a424cc510cd22af8015679

  • SHA1

    40e70cecc5563bdada2a1bc067dd146fd488c75a

  • SHA256

    7a73fa7ca8f7caf895aafab3d6d082259fd89601bd78c085b45754d35b034e33

  • SHA512

    724a25c4e95713e9e72c7a318358a0831e334db51eb826cf610e2ce75844fee9ddabea9d1489ec520f4ed0fa6e58e3436044496aaa60163b35448503a2c8b261

  • SSDEEP

    49152:SkQTAAdQDOTC0wakdJ+J5DGfwNMiKw6id2l9gqumWD2/+H:SaAdQckdJ+JBGfwSip659IDD

Score
7/10

Malware Config

Signatures

  • .NET Reactor proctector 35 IoCs

    Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c9966d3b55a424cc510cd22af8015679.bin.exe
    "C:\Users\Admin\AppData\Local\Temp\c9966d3b55a424cc510cd22af8015679.bin.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:2540

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2540-54-0x0000000074C50000-0x000000007533E000-memory.dmp

    Filesize

    6.9MB

    Download

  • memory/2540-55-0x00000000052E0000-0x0000000005584000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2540-56-0x0000000005000000-0x0000000005040000-memory.dmp

    Filesize

    256KB

    Download

  • memory/2540-57-0x0000000005000000-0x0000000005040000-memory.dmp

    Filesize

    256KB

    Download

  • memory/2540-58-0x0000000005040000-0x00000000052E2000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2540-59-0x0000000005040000-0x00000000052DD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2540-60-0x0000000005040000-0x00000000052DD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2540-62-0x0000000005040000-0x00000000052DD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2540-64-0x0000000005040000-0x00000000052DD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2540-66-0x0000000005040000-0x00000000052DD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2540-68-0x0000000005040000-0x00000000052DD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2540-70-0x0000000005040000-0x00000000052DD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2540-72-0x0000000005040000-0x00000000052DD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2540-74-0x0000000005040000-0x00000000052DD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2540-76-0x0000000005040000-0x00000000052DD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2540-78-0x0000000005040000-0x00000000052DD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2540-80-0x0000000005040000-0x00000000052DD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2540-82-0x0000000005040000-0x00000000052DD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2540-84-0x0000000005040000-0x00000000052DD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2540-86-0x0000000005040000-0x00000000052DD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2540-88-0x0000000005040000-0x00000000052DD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2540-90-0x0000000005040000-0x00000000052DD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2540-92-0x0000000005040000-0x00000000052DD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2540-94-0x0000000005040000-0x00000000052DD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2540-96-0x0000000005040000-0x00000000052DD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2540-98-0x0000000005040000-0x00000000052DD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2540-100-0x0000000005040000-0x00000000052DD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2540-102-0x0000000005040000-0x00000000052DD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2540-104-0x0000000005040000-0x00000000052DD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2540-106-0x0000000005040000-0x00000000052DD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2540-108-0x0000000005040000-0x00000000052DD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2540-110-0x0000000005040000-0x00000000052DD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2540-113-0x0000000074C50000-0x000000007533E000-memory.dmp

    Filesize

    6.9MB

    Download

  • memory/2540-112-0x0000000005040000-0x00000000052DD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2540-115-0x0000000005040000-0x00000000052DD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2540-117-0x0000000005040000-0x00000000052DD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2540-119-0x0000000005040000-0x00000000052DD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2540-121-0x0000000005040000-0x00000000052DD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2540-123-0x0000000005040000-0x00000000052DD000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/2540-141-0x0000000005000000-0x0000000005040000-memory.dmp

    Filesize

    256KB

    Download

  • memory/2540-221-0x0000000005000000-0x0000000005040000-memory.dmp

    Filesize

    256KB

    Download

  • memory/2540-302-0x0000000005000000-0x0000000005040000-memory.dmp

    Filesize

    256KB

    Download