Resubmissions

11/10/2023, 13:29

231011-qq7tgsbh66 3

11/10/2023, 10:39

231011-mqgerahb9x 3

Analysis

  • max time kernel
    82s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20230915-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    11/10/2023, 10:39

General

  • Target

    11102023_1839_drkgate_1110.exe

  • Size

    388KB

  • MD5

    7ed92cbc082874cc7a4807f67244e85b

  • SHA1

    a592a39b1850e08c7956e2ffc9d1c0875e805c8c

  • SHA256

    dda5e4889f9adbd0733558ea72934f65944f748fe77c06f9fcbbadbc0ac0b66b

  • SHA512

    c52f3fd75dd0cd129012fef6c473ee42d23a1b4ac18cdcebe35e41d8b62cda2c4c338b55532523b6196f4e97ad062b2082605e80fc05c70cf26f110fdc16682c

  • SSDEEP

    6144:s50tl7kAfri5ZhtWtIv9n0YQFaVfTnU6UVtm+aq1nMyCCvgT2Pt:a0tlBi5ZhtWtIv50genn91n1CCvj

Score
1/10

Malware Config

Signatures

  • Checks processor information in registry 2 TTPs 2 IoCs

    Processor information is often read in order to detect sandboxing environments.

Processes

  • C:\Users\Admin\AppData\Local\Temp\11102023_1839_drkgate_1110.exe
    "C:\Users\Admin\AppData\Local\Temp\11102023_1839_drkgate_1110.exe"
    1⤵
    • Checks processor information in registry
    PID:3696

Network

MITRE ATT&CK Enterprise v15

Downloads

  • memory/3696-1-0x0000000000400000-0x0000000000467000-memory.dmp

    Filesize

    412KB