Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

gjgkqcnicnlpa6vp.exe

windows7-x64

1

gjgkqcnicnlpa6vp.exe

windows10-2004-x64

1

Resubmissions

05/11/2023, 08:24

231105-katc9sfa72 3

05/11/2023, 08:20

231105-j8wevadb31 3

05/11/2023, 08:18

231105-j7qszada9x 3

Analysis

  • max time kernel
    210s
  • max time network
    200s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231020-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05/11/2023, 08:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    gjgkqcnicnlpa6vp.exe

  • Size

    8.1MB

  • MD5

    b59986274ba7b0d065874f38e62ce35f

  • SHA1

    84707eaa115b0f681627a8e3ac8a97aee23fcb3b

  • SHA256

    208711fd8c34b70281f67d99871976e0b35c5ffe5465906e63be6a943888129e

  • SHA512

    771dc948b38c2354b5b8116e6509c74b3d9cc2e8c751aa3cc93431db8f6a6ab8a966939814dc8ae46c47f47ba358e829ce925627a5de116690920340aaf50186

  • SSDEEP

    196608:v3nJLovsDgzFQPu145/kO+FI/bvdIXG6/8PScsVtGZq:vnXgzCK45/kOsI/hI26/8Pt0t

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\gjgkqcnicnlpa6vp.exe
    "C:\Users\Admin\AppData\Local\Temp\gjgkqcnicnlpa6vp.exe"
    1⤵
      PID:3848
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
      1⤵
        PID:3660
      • C:\Windows\System32\svchost.exe
        C:\Windows\System32\svchost.exe -k UnistackSvcGroup
        1⤵
        • Suspicious use of AdjustPrivilegeToken
        PID:4604

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\Users\Admin\AppData\Local\Comms\UnistoreDB\store.jfm
        Filesize

        16KB

        MD5

        86ab75557703b4c5a59ac402ccd749ba

        SHA1

        4853bfbf499e4d6b275b4af29f9d1f69b89c1e6a

        SHA256

        0a26439513123491ccaddb07c50f2c7c1df1addd3ac5b01cd00f61914446e2a8

        SHA512

        9983aee72e3e58c766f4e6f4fbac7418bed8957584623e1582ff46e8fd1863fbd336d87cbc12f91e57d76ba7befa28baec83f70d30ffec71e8c3ab155a44004b

        Download Submit

      • memory/4604-40-0x0000020EFE440000-0x0000020EFE441000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4604-42-0x0000020EFE440000-0x0000020EFE441000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4604-33-0x0000020EFE440000-0x0000020EFE441000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4604-34-0x0000020EFE440000-0x0000020EFE441000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4604-35-0x0000020EFE440000-0x0000020EFE441000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4604-36-0x0000020EFE440000-0x0000020EFE441000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4604-37-0x0000020EFE440000-0x0000020EFE441000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4604-38-0x0000020EFE440000-0x0000020EFE441000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4604-39-0x0000020EFE440000-0x0000020EFE441000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4604-43-0x0000020EFE070000-0x0000020EFE071000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4604-32-0x0000020EFE420000-0x0000020EFE421000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4604-41-0x0000020EFE440000-0x0000020EFE441000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4604-0-0x0000020EF5D40000-0x0000020EF5D50000-memory.dmp

        Filesize

        64KB

        Download

      • memory/4604-44-0x0000020EFE060000-0x0000020EFE061000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4604-46-0x0000020EFE070000-0x0000020EFE071000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4604-49-0x0000020EFE060000-0x0000020EFE061000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4604-52-0x0000020EFDFA0000-0x0000020EFDFA1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4604-16-0x0000020EF5E40000-0x0000020EF5E50000-memory.dmp

        Filesize

        64KB

        Download

      • memory/4604-64-0x0000020EFE1A0000-0x0000020EFE1A1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4604-66-0x0000020EFE1B0000-0x0000020EFE1B1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4604-67-0x0000020EFE1B0000-0x0000020EFE1B1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4604-68-0x0000020EFE2C0000-0x0000020EFE2C1000-memory.dmp

        Filesize

        4KB

        Download