Analysis
- max time kernel: 151s
- max time network: 157s
- platform: windows10-2004_x64
- resource: win10v2004-20230915-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20230915-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 14/10/2023, 23:23
Static task static1
- 1 signatures
Behavioral task behavioral1
- Sample: Bandicam.exe
- Resource: win7-20230831-en
- 3 signatures
- 150 seconds
Behavioral task behavioral2
- Sample: Bandicam.exe
- Resource: win10v2004-20230915-en
- 3 signatures
- 150 seconds
General
- Target: Bandicam.exe
- Size: 8.0MB
- MD5: 0ca83e340ec8a59828552be376d75cd5
- SHA1: 2d9d5ef1cb164244d9a0108ce130ebf47155b97e
- SHA256: efd8049d67d1bcdb6c0aba4da7ca6d4feacc65eb874447cc2c69d12dd4a83675
- SHA512: d10825f052406141c37503177591ea2938a986d197dd7eed924d14a3464353b9d40d224194b6388e7e7f1ee4e8e1f55d6041d9d9038b8bc28dbca397d430bfe2
- SSDEEP: 98304:IMud3Ub2/xd73kVahu9BEDcZj8prUyMXs:IMuVUSpoWIRyMXs
Score: 1/10
Malware Config
Signatures
-
GoLang User-Agent 49 IoCs
Uses default user-agent string defined by GoLang HTTP packages.
Suspicious use of AdjustPrivilegeToken 2 IoCs

| description | pid | Process |
| --- | --- | --- |
| Token: SeDebugPrivilege | 3680 | Bandicam.exe |
| Token: SeShutdownPrivilege | 3680 | Bandicam.exe |

Suspicious use of WriteProcessMemory 2 IoCs

| description | pid | Process | procid_target |
| --- | --- | --- | --- |
| PID 3680 wrote to memory of 2276 | 3680 | Bandicam.exe | 86 |
| PID 3680 wrote to memory of 2276 | 3680 | Bandicam.exe | 86 |