Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

b99fda83c3...94.exe

windows7-x64

7

b99fda83c3...94.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    158s
  • max time network
    167s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    11/10/2023, 20:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b99fda83c3f63f8b04d706958cbd98eac14e808010035d67c79074196450de94.exe

  • Size

    1.6MB

  • MD5

    1ec34949c3a5bb416cc10494e149fe29

  • SHA1

    b030f2a7dfb0bdcdccf044564371f3ccbdaf111a

  • SHA256

    b99fda83c3f63f8b04d706958cbd98eac14e808010035d67c79074196450de94

  • SHA512

    2c10fa5d05a31f363bb292c7f16775c0a22eb55edbb45e925b9aceacc57288e1fc65f6d5f1841b1859ceda029f18f136fc02778977b7740b86f8abfaefca8d7a

  • SSDEEP

    24576:pyp5A7mG8ms2/BYre5fvN6y7gM4h8KAGUvu9t4ssA4MahS0VXzAK1JaUdx/j1WCf:p45LoZqe9vnLM8II355aqnP

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 16 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\b99fda83c3f63f8b04d706958cbd98eac14e808010035d67c79074196450de94.exe
    "C:\Users\Admin\AppData\Local\Temp\b99fda83c3f63f8b04d706958cbd98eac14e808010035d67c79074196450de94.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:5100

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/5100-0-0x0000000000400000-0x0000000000B2D000-memory.dmp

    Filesize

    7.2MB

    Download

  • memory/5100-1-0x0000000000400000-0x0000000000B2D000-memory.dmp

    Filesize

    7.2MB

    Download

  • memory/5100-2-0x0000000000400000-0x0000000000B2D000-memory.dmp

    Filesize

    7.2MB

    Download

  • memory/5100-4-0x0000000000400000-0x0000000000B2D000-memory.dmp

    Filesize

    7.2MB

    Download

  • memory/5100-5-0x0000000000400000-0x0000000000B2D000-memory.dmp

    Filesize

    7.2MB

    Download

  • memory/5100-6-0x0000000000400000-0x0000000000B2D000-memory.dmp

    Filesize

    7.2MB

    Download

  • memory/5100-7-0x0000000000400000-0x0000000000B2D000-memory.dmp

    Filesize

    7.2MB

    Download

  • memory/5100-8-0x0000000000400000-0x0000000000B2D000-memory.dmp

    Filesize

    7.2MB

    Download

  • memory/5100-9-0x0000000000400000-0x0000000000B2D000-memory.dmp

    Filesize

    7.2MB

    Download

  • memory/5100-10-0x0000000000400000-0x0000000000B2D000-memory.dmp

    Filesize

    7.2MB

    Download

  • memory/5100-11-0x0000000000400000-0x0000000000B2D000-memory.dmp

    Filesize

    7.2MB

    Download

  • memory/5100-12-0x0000000000400000-0x0000000000B2D000-memory.dmp

    Filesize

    7.2MB

    Download

  • memory/5100-13-0x0000000000400000-0x0000000000B2D000-memory.dmp

    Filesize

    7.2MB

    Download

  • memory/5100-14-0x0000000000400000-0x0000000000B2D000-memory.dmp

    Filesize

    7.2MB

    Download

  • memory/5100-15-0x0000000000400000-0x0000000000B2D000-memory.dmp

    Filesize

    7.2MB

    Download

  • memory/5100-16-0x0000000000400000-0x0000000000B2D000-memory.dmp

    Filesize

    7.2MB

    Download