Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

5

Static

static

3

Allavsoft ...gn.exe

windows7-x64

5

Allavsoft ...gn.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    158s
  • max time network
    144s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    28/10/2023, 22:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Allavsoft Video Downloader Kgn.exe

  • Size

    3.0MB

  • MD5

    6077776fe59a425dd08db1d8f92c79e3

  • SHA1

    1319bf8e576169a5fba18136b7b272b45c46e3f5

  • SHA256

    bc8e395a93f0d68b20f2560d3e5a290117201085812ea2f0464ad8bd74d65fc5

  • SHA512

    bd2ed61e32ebbe4f9c658ed903aa383e0acd5e6f257b1b068311ebfaabfd35363bd5b9d2d984b21f6ed583573d81c0d9ef78618335758cd17c8192089547992c

  • SSDEEP

    49152:Wb6x0Pgkw2CdDU7NcxIzmRy6e6mSktPho7/w4cLFFnXrU+RfGWF:n92CZUqCz1RNaERj7UCeW

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 14 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Allavsoft Video Downloader Kgn.exe
    "C:\Users\Admin\AppData\Local\Temp\Allavsoft Video Downloader Kgn.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious use of SetWindowsHookEx
    PID:2624

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2624-0-0x0000000000400000-0x0000000000F02000-memory.dmp

    Filesize

    11.0MB

    Download

  • memory/2624-1-0x000000007EBD0000-0x000000007EFA1000-memory.dmp

    Filesize

    3.8MB

    Download

  • memory/2624-2-0x00000000003D0000-0x00000000003D1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2624-3-0x0000000000400000-0x0000000000F02000-memory.dmp

    Filesize

    11.0MB

    Download

  • memory/2624-4-0x0000000000400000-0x0000000000F02000-memory.dmp

    Filesize

    11.0MB

    Download

  • memory/2624-5-0x000000007EBD0000-0x000000007EFA1000-memory.dmp

    Filesize

    3.8MB

    Download

  • memory/2624-6-0x00000000003D0000-0x00000000003D1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2624-7-0x0000000000400000-0x0000000000F02000-memory.dmp

    Filesize

    11.0MB

    Download

  • memory/2624-8-0x0000000000400000-0x0000000000F02000-memory.dmp

    Filesize

    11.0MB

    Download

  • memory/2624-9-0x0000000000400000-0x0000000000F02000-memory.dmp

    Filesize

    11.0MB

    Download

  • memory/2624-11-0x0000000000400000-0x0000000000F02000-memory.dmp

    Filesize

    11.0MB

    Download

  • memory/2624-12-0x0000000000400000-0x0000000000F02000-memory.dmp

    Filesize

    11.0MB

    Download

  • memory/2624-13-0x0000000000400000-0x0000000000F02000-memory.dmp

    Filesize

    11.0MB

    Download

  • memory/2624-14-0x0000000000400000-0x0000000000F02000-memory.dmp

    Filesize

    11.0MB

    Download

  • memory/2624-15-0x0000000000400000-0x0000000000F02000-memory.dmp

    Filesize

    11.0MB

    Download

  • memory/2624-16-0x0000000000400000-0x0000000000F02000-memory.dmp

    Filesize

    11.0MB

    Download

  • memory/2624-17-0x0000000000400000-0x0000000000F02000-memory.dmp

    Filesize

    11.0MB

    Download