Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
142s -
max time network
148s -
platform
windows10-2004_x64 -
resource
win10v2004-20230703-en -
resource tags
-
submitted
21/08/2023, 04:48
General
-
Target
0d64a188d48d5d88f95170044be725b60409ef326b3a1353615d50830c069f36.exe
-
Size
395KB
-
MD5
4696234df61d1103c6b3238edbc0d48b
-
SHA1
7c696d7c385b369c9fb37d8f09ea1c7c54c6e456
-
SHA256
0d64a188d48d5d88f95170044be725b60409ef326b3a1353615d50830c069f36
-
SHA512
37771b41f786b199f510431ee2690aa2f1a47a35665e7a6a5939d010595a1b89dd0747f7c75dd151f836026667fc533ef115b41751749756f840ae7d05e5bc53
-
SSDEEP
6144:7Rc/0FLMI/ufS8hIESrHLT+kE7SgrVIzIZ7ODOTiM6A:7Rc/0Fz/k3SrHL3EmgrVVZqDONZ
Score
7/10
Malware Config
Signatures
-
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting 2 TTPs
-
Suspicious behavior: EnumeratesProcesses 1 IoCs
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\0d64a188d48d5d88f95170044be725b60409ef326b3a1353615d50830c069f36.exe"C:\Users\Admin\AppData\Local\Temp\0d64a188d48d5d88f95170044be725b60409ef326b3a1353615d50830c069f36.exe"1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
236KB
-
Filesize
316KB
-
Filesize
20.9MB
-
Filesize
7.7MB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
5.6MB
-
Filesize
584KB
-
Filesize
64KB
-
Filesize
40KB
-
Filesize
6.1MB
-
Filesize
72KB
-
Filesize
1.0MB
-
Filesize
240KB
-
Filesize
408KB
-
Filesize
472KB
-
Filesize
1.8MB
-
Filesize
5.2MB
-
Filesize
236KB
-
Filesize
120KB
-
Filesize
316KB
-
Filesize
20.9MB
-
Filesize
7.7MB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB