Analysis
max time kernel: 150s
max time network: 156s
platform: windows7_x64
resource: win7-20230831-en
resource tags: arch:x64, arch:x86, image:win7-20230831-en, locale:en-us, os:windows7-x64, system
submitted: 14/10/2023, 23:23
Static task
static1: 1 signatures
Behavioral task
behavioral1
Sample: Bandicam.exe
Resource: win7-20230831-en
3 signatures, 150 seconds
Behavioral task
behavioral2
Sample: Bandicam.exe
Resource: win10v2004-20230915-en
3 signatures, 150 seconds
General
Target: Bandicam.exe
Size: 8.0MB
MD5: 0ca83e340ec8a59828552be376d75cd5
SHA1: 2d9d5ef1cb164244d9a0108ce130ebf47155b97e
SHA256: efd8049d67d1bcdb6c0aba4da7ca6d4feacc65eb874447cc2c69d12dd4a83675
SHA512: d10825f052406141c37503177591ea2938a986d197dd7eed924d14a3464353b9d40d224194b6388e7e7f1ee4e8e1f55d6041d9d9038b8bc28dbca397d430bfe2
SSDEEP: 98304:IMud3Ub2/xd73kVahu9BEDcZj8prUyMXs:IMuVUSpoWIRyMXs
Score: 1/10
Malware Config
Signatures
GoLang User-Agent 49 IoCs
Uses default user-agent string defined by GoLang HTTP packages.
Suspicious use of AdjustPrivilegeToken 2 IoCs
description                    pid    Process
Token: SeDebugPrivilege        2068   Bandicam.exe
Token: SeShutdownPrivilege     2068   Bandicam.exe
Suspicious use of WriteProcessMemory 3 IoCs
description                         pid    Process        procid_target
PID 2068 wrote to memory of 2820    2068   Bandicam.exe   29
PID 2068 wrote to memory of 2820    2068   Bandicam.exe   29
PID 2068 wrote to memory of 2820    2068   Bandicam.exe   29