Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
167s -
max time network
180s -
platform
windows10-2004_x64 -
resource
win10v2004-20230915-en -
resource tags
-
submitted
11/10/2023, 23:05
General
-
Target
gR0Jd24.exe
-
Size
553KB
-
MD5
e194dea7cd10363a012aa8e1a44429c4
-
SHA1
87565e07b41e6198db4713e45b4830d1bf353963
-
SHA256
e7c0bdc7af86261b9a7cfc1c8e799d6d10bb65249428b5baace1cebc7ab72399
-
SHA512
7609f002c0b9c6b3bbecf4f246d7d98ae5ab39561e689453e064dba8b8d0548c7b9e2e5ec306d030fd03772e8c3d97aa3990090a6f7e327372af301bbb17cf8c
-
SSDEEP
12288:YlaTTFd2g+dmY6hBlE5euSULi0wI7jaErd:aYTFd2gmmja5euSU2rIiErd
Score
1/10
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 10 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\gR0Jd24.exe"C:\Users\Admin\AppData\Local\Temp\gR0Jd24.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c COLOR 0b2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c certutil -hashfile "C:\Users\Admin\AppData\Local\Temp\gR0Jd24.exe" MD5 | find /i /v "md5" | find /i /v "certutil"2⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\system32\certutil.execertutil -hashfile "C:\Users\Admin\AppData\Local\Temp\gR0Jd24.exe" MD53⤵
-
-
C:\Windows\system32\find.exefind /i /v "md5"3⤵
-
-
C:\Windows\system32\find.exefind /i /v "certutil"3⤵
-
-