Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

9c2594959a...d9.exe

windows7-x64

1

9c2594959a...d9.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20/08/2023, 16:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9c2594959a5640706871e8b284e61050a2cf6b43c74f3bc86866c5aa192983d9.exe

  • Size

    1.9MB

  • MD5

    12d12516ed7c56cabb83e9ce421e3217

  • SHA1

    c69508aba106fb6c9c27caf2498179d0afdd93ba

  • SHA256

    9c2594959a5640706871e8b284e61050a2cf6b43c74f3bc86866c5aa192983d9

  • SHA512

    7383bf886a57c243cf9bd702ff49fe79183e31ed5715a897b3f39044e5cee3861fbaf290b071286c8ed583f816f3a108b536df6586381b3ef5a985c632dd3a3a

  • SSDEEP

    49152:t7EI/KSr1fMde2BNl7kpqepXT5XccnUG1w4:llSe2XqpD5McD17

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\9c2594959a5640706871e8b284e61050a2cf6b43c74f3bc86866c5aa192983d9.exe
    "C:\Users\Admin\AppData\Local\Temp\9c2594959a5640706871e8b284e61050a2cf6b43c74f3bc86866c5aa192983d9.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:4176

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4176-133-0x00007FF87A0C0000-0x00007FF87AB81000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4176-134-0x00000171F0D30000-0x00000171F0D40000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4176-135-0x00000171F0D30000-0x00000171F0D40000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4176-136-0x00000171F0D30000-0x00000171F0D40000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4176-137-0x00000171F0D30000-0x00000171F0D40000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4176-138-0x00000171F7080000-0x00000171F7088000-memory.dmp

    Filesize

    32KB

    Download

  • memory/4176-139-0x00000171F7100000-0x00000171F7138000-memory.dmp

    Filesize

    224KB

    Download

  • memory/4176-140-0x00000171F70D0000-0x00000171F70DE000-memory.dmp

    Filesize

    56KB

    Download

  • memory/4176-153-0x00007FF87A0C0000-0x00007FF87AB81000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4176-154-0x00000171F0D30000-0x00000171F0D40000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4176-155-0x00000171F0D30000-0x00000171F0D40000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4176-156-0x00000171F0D30000-0x00000171F0D40000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4176-157-0x00000171F0D30000-0x00000171F0D40000-memory.dmp

    Filesize

    64KB

    Download