Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

nc.exe

windows7-x64

1

nc.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    147s
  • max time network
    158s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231020-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
  • submitted
    31/10/2023, 02:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    nc.exe

  • Size

    37KB

  • MD5

    5dcf26e3fbce71902b0cd7c72c60545b

  • SHA1

    970bbe298c8ec673fe2257ad6363d29942171fd1

  • SHA256

    e8fbec25db4f9d95b5e8f41cca51a4b32be8674a4dea7a45b6f7aeb22dbc38db

  • SHA512

    b5b5ebe0e333a7331a08f488a66e9a3ff4ea5f5d2552bbc1477627df32f92fdf2a0c279e929cc93a61e20d90f7797f552f2c3a710903cbccc441d14b018928e1

  • SSDEEP

    768:mucfgSLKkEXRYxLKlVMGmmkn2TocrC+q4rPBn:vcfpKkEqKlGGmjwTrC+q4rPBn

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\nc.exe
    "C:\Users\Admin\AppData\Local\Temp\nc.exe"
    1⤵
      PID:4552
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
      1⤵
        PID:3312
      • C:\Windows\System32\svchost.exe
        C:\Windows\System32\svchost.exe -k UnistackSvcGroup
        1⤵
        • Suspicious use of AdjustPrivilegeToken
        PID:1896

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\Users\Admin\AppData\Local\Comms\UnistoreDB\store.jfm
        Filesize

        16KB

        MD5

        572e44fb3fcb41f1f74aa9d006a1e5a8

        SHA1

        0ac56c52f6d5d9a17ed52dcd8b50a4c556c18f9c

        SHA256

        b87dd1fada91d5621b0b52cb173689e35121ac7ad87e938d23b95f99457c510e

        SHA512

        4fa90ddf4d5ae5c2f250b9ed0cdcf19198111e6a6b6f652a8e008a2929e53545e1c164fe329fcc6d77eadcfcdecd6030195ed284b410249c9cb82e7ace6d8883

        Download Submit

      • memory/1896-49-0x000001A17D4D0000-0x000001A17D4D1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1896-46-0x000001A17D4D0000-0x000001A17D4D1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1896-40-0x000001A17D4A0000-0x000001A17D4A1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1896-41-0x000001A17D4D0000-0x000001A17D4D1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1896-42-0x000001A17D4D0000-0x000001A17D4D1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1896-43-0x000001A17D4D0000-0x000001A17D4D1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1896-44-0x000001A17D4D0000-0x000001A17D4D1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1896-50-0x000001A17D4D0000-0x000001A17D4D1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1896-76-0x000001A17D340000-0x000001A17D341000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1896-47-0x000001A17D4D0000-0x000001A17D4D1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1896-24-0x000001A174F40000-0x000001A174F50000-memory.dmp

        Filesize

        64KB

        Download

      • memory/1896-48-0x000001A17D4D0000-0x000001A17D4D1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1896-45-0x000001A17D4D0000-0x000001A17D4D1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1896-51-0x000001A17D100000-0x000001A17D101000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1896-52-0x000001A17D0F0000-0x000001A17D0F1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1896-54-0x000001A17D100000-0x000001A17D101000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1896-57-0x000001A17D0F0000-0x000001A17D0F1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1896-60-0x000001A1747E0000-0x000001A1747E1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1896-8-0x000001A174E40000-0x000001A174E50000-memory.dmp

        Filesize

        64KB

        Download

      • memory/1896-72-0x000001A17D220000-0x000001A17D221000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1896-74-0x000001A17D230000-0x000001A17D231000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1896-75-0x000001A17D230000-0x000001A17D231000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4552-0-0x0000000000400000-0x000000000040E000-memory.dmp

        Filesize

        56KB

        Download