Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

MicrotrendAudio.exe

windows7-x64

1

MicrotrendAudio.exe

windows10-2004-x64

1

b5tnf9h4zy.dll

windows7-x64

8

b5tnf9h4zy.dll

windows10-2004-x64

8

Analysis

  • max time kernel
    198s
  • max time network
    208s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    14/10/2023, 02:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    MicrotrendAudio.exe

  • Size

    776KB

  • MD5

    48612907f00b6913bce7a837a127eb8f

  • SHA1

    66cfb3252c6455f5c53f5468c6e8e1b366e6727f

  • SHA256

    e0949645223fac30995ecada85a9ad49fef4c57881652a9d7b1e14d974992431

  • SHA512

    e07c93980f66cfb66040fec566d4a4bf893e11297886e1cc4eed2f4e5d07cf1c6c042939ca38d2ff83cfb479c32c52ae0c4f594ef2e3a67b4493235f3a7ab197

  • SSDEEP

    24576:zjFPcsRZviJwTSRzdfgSLbirY1cO3EwNTVnW/k2:KJwmpfgONT2k2

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 42 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\MicrotrendAudio.exe
    "C:\Users\Admin\AppData\Local\Temp\MicrotrendAudio.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:4052

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4052-0-0x0000000000C40000-0x0000000000C50000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4052-1-0x0000000005010000-0x0000000005128000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/4052-3-0x0000000074F10000-0x0000000075028000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/4052-2-0x0000000074640000-0x0000000074DF0000-memory.dmp

    Filesize

    7.7MB

    Download

  • memory/4052-4-0x0000000000C40000-0x0000000000C50000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4052-5-0x0000000074640000-0x0000000074DF0000-memory.dmp

    Filesize

    7.7MB

    Download

  • memory/4052-6-0x0000000001150000-0x000000000115A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/4052-7-0x0000000009F60000-0x000000000A504000-memory.dmp

    Filesize

    5.6MB

    Download

  • memory/4052-8-0x0000000000ED0000-0x0000000000F62000-memory.dmp

    Filesize

    584KB

    Download

  • memory/4052-9-0x0000000005000000-0x000000000500A000-memory.dmp

    Filesize

    40KB

    Download