Analysis

  • max time kernel
    118s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags
    arch:x64, arch:x86, image:win7-20230831-en, locale:en-us, os:windows7-x64, system
  • submitted
    15/10/2023, 19:51

General

  • Target

    cea7e2067db07b510e254551a8964a10_exe64.exe

  • Size

    2.0MB

  • MD5

    cea7e2067db07b510e254551a8964a10

  • SHA1

    d2b4d1b051fe1a1886dda8efabd58a6333088152

  • SHA256

    f15c69823a60162af9d6ba8c9fd851912e4ddfae19658aa65f4d731bde90917e

  • SHA512

    e7406dbf878d89f0a76a2c253ef60db5e04ac616cb1ecb89e2d10a9b5ace5bb07c33b479cd5c89d0acc09c39ac6ca08739d7381d5a7f19ed7cf7595dc1e20751

  • SSDEEP

    49152:SLbYI4I0bVKBUhx8CRSrzQ8vbeKgSRpXxmDYeQeaUx7qE7YPRVlbnXf9gPTTW7H/:iYZkBU6ZvCK/phm8eQN8cRVlbnP9WXWz

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\cea7e2067db07b510e254551a8964a10_exe64.exe
    "C:\Users\Admin\AppData\Local\Temp\cea7e2067db07b510e254551a8964a10_exe64.exe"
    • Suspicious use of AdjustPrivilegeToken
    PID:3004

Network

MITRE ATT&CK Matrix

Downloads

  • memory/3004-0-0x0000000001B70000-0x0000000001BD0000-memory.dmp

    Filesize

    384KB

  • memory/3004-2-0x0000000100000000-0x0000000100202000-memory.dmp

    Filesize

    2.0MB

  • memory/3004-8-0x0000000001B70000-0x0000000001BD0000-memory.dmp

    Filesize

    384KB

  • memory/3004-7-0x0000000001B70000-0x0000000001BD0000-memory.dmp

    Filesize

    384KB

  • memory/3004-10-0x0000000001B70000-0x0000000001BD0000-memory.dmp

    Filesize

    384KB

  • memory/3004-12-0x0000000100000000-0x0000000100202000-memory.dmp

    Filesize

    2.0MB