Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

7a8b06c76c...e3.png

windows7-x64

3

7a8b06c76c...e3.png

windows10-2004-x64

3

Resubmissions

02/10/2023, 22:34

231002-2g8j7sfa6v 3

02/10/2023, 22:23

231002-2a487sfa3v 3

Analysis

  • max time kernel
    142s
  • max time network
    147s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    02/10/2023, 22:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7a8b06c76c5616fac1e627f10ba3772626e1b0e3.png

  • Size

    2KB

  • MD5

    823ef89e4c0b49148c2c5631a3892537

  • SHA1

    7213c70d21a50017f2ef97d3619339b818f7b0b3

  • SHA256

    6a10ca383b65ec986e0790e36707f60dabab88dab4b7c66e9650973ce87e9d25

  • SHA512

    86a31e3f77449151051257b3f2c5f3c95ecd31887924b1c364bc4d47f3a657c583ec28556ca1948225a281c3fb2416cb5ff2b0838ffaa273ca6af54febb99f00

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\7a8b06c76c5616fac1e627f10ba3772626e1b0e3.png
    1⤵
      PID:2628
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
      1⤵
        PID:4720
      • C:\Windows\System32\svchost.exe
        C:\Windows\System32\svchost.exe -k UnistackSvcGroup
        1⤵
        • Suspicious use of AdjustPrivilegeToken
        PID:3260

      Network

      MITRE ATT&CK Enterprise v15

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\Users\Admin\AppData\Local\Comms\UnistoreDB\store.jfm
        Filesize

        16KB

        MD5

        9721fd4c407865830d9ab816be3c9c9e

        SHA1

        8f9d844c7be2ded38bf2ee8a71054b33a27234ae

        SHA256

        b27c0604ea08a4638c62604703055d81b62451aa98361b56b6e24bd16cab1fc2

        SHA512

        552fb62524429171d5caef2208b619b62b68c91773e3676d80bf7b0efa7b980bde2fce30bc19a3ecbd14fe2e2eaf5d74e795482552e93f11b41c5b61aad44b83

        Download Submit

      • memory/3260-40-0x0000022737230000-0x0000022737231000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3260-42-0x0000022737230000-0x0000022737231000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3260-33-0x0000022737230000-0x0000022737231000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3260-34-0x0000022737230000-0x0000022737231000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3260-35-0x0000022737230000-0x0000022737231000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3260-36-0x0000022737230000-0x0000022737231000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3260-37-0x0000022737230000-0x0000022737231000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3260-38-0x0000022737230000-0x0000022737231000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3260-39-0x0000022737230000-0x0000022737231000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3260-43-0x0000022736E50000-0x0000022736E51000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3260-32-0x0000022737200000-0x0000022737201000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3260-41-0x0000022737230000-0x0000022737231000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3260-0-0x000002272EB40000-0x000002272EB50000-memory.dmp

        Filesize

        64KB

        Download

      • memory/3260-44-0x0000022736E40000-0x0000022736E41000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3260-46-0x0000022736E50000-0x0000022736E51000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3260-49-0x0000022736E40000-0x0000022736E41000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3260-52-0x0000022736D80000-0x0000022736D81000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3260-16-0x000002272EC40000-0x000002272EC50000-memory.dmp

        Filesize

        64KB

        Download

      • memory/3260-64-0x0000022736F80000-0x0000022736F81000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3260-66-0x0000022736F90000-0x0000022736F91000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3260-67-0x0000022736F90000-0x0000022736F91000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3260-68-0x00000227370A0000-0x00000227370A1000-memory.dmp

        Filesize

        4KB

        Download