Analysis
max time kernel: 84s
max time network: 127s
platform: windows10-2004_x64
resource: win10v2004-20230703-en
resource tags: arch:x64, arch:x86, image:win10v2004-20230703-en, locale:en-us, os:windows10-2004-x64, system
submitted: 26/08/2023, 23:28
Static task: static1
Behavioral task: behavioral1
  Sample: 4ec873a684f03cbd75058b02097ecc8d7e1faa35c72931b7f560da0804852928.exe
  Resource: win7-20230712-en
Behavioral task: behavioral2
  Sample: 4ec873a684f03cbd75058b02097ecc8d7e1faa35c72931b7f560da0804852928.exe
  Resource: win10v2004-20230703-en
General
Target: 4ec873a684f03cbd75058b02097ecc8d7e1faa35c72931b7f560da0804852928.exe
Size: 821KB
MD5: 011c64755aa058b64d1fe94cd3548aea
SHA1: beef900a9370f42ea276773087a3090edf96b21a
SHA256: 4ec873a684f03cbd75058b02097ecc8d7e1faa35c72931b7f560da0804852928
SHA512: 7d31e7831ec69ead2440a2e700c54db18d7796e6a66c908e1d446c5e6c9e9b7274676a27a7b98bda5bc4003dd9445b75a862fec4f0175902280dd78123a05c61
SSDEEP: 12288:fDEFFejatUXhtjaY021sy9WqPahaVKvIliuRyKQi6B3HN:fDEFF6wKh5aY0qsyUqyhzI0uRyKQi6ht
Malware Config
Signatures
resource                                                                   yara_rule
behavioral2/memory/716-1-0x0000000010000000-0x0000000010018000-memory.dmp  upx
behavioral2/memory/716-0-0x0000000010000000-0x0000000010018000-memory.dmp  upx
behavioral2/memory/716-2-0x0000000010000000-0x0000000010018000-memory.dmp  upx
Suspicious use of AdjustPrivilegeToken 2 IoCs
description              pid  Process
Token: SeDebugPrivilege  716  4ec873a684f03cbd75058b02097ecc8d7e1faa35c72931b7f560da0804852928.exe
Token: SeDebugPrivilege  716  4ec873a684f03cbd75058b02097ecc8d7e1faa35c72931b7f560da0804852928.exe
Suspicious use of SetWindowsHookEx 2 IoCs
pid  Process
716  4ec873a684f03cbd75058b02097ecc8d7e1faa35c72931b7f560da0804852928.exe
716  4ec873a684f03cbd75058b02097ecc8d7e1faa35c72931b7f560da0804852928.exe