Analysis

  • max time kernel
    147s
  • max time network
    62s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20231215-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    24/12/2023, 22:18

General

  • Target

    15295bb31e99bc38aa3f699a18a33fa8.exe

  • Size

    630KB

  • MD5

    15295bb31e99bc38aa3f699a18a33fa8

  • SHA1

    9c6c3b080220658a09d4a8ca051293f8bc74252c

  • SHA256

    36b9e828e9d22bba33691a7b2602ecb6a228bdd655d191a3e148d5d086b3893e

  • SHA512

    af87a93664d96a0d2e2bdf408915da54102b0f1b53986c34a26119cd5103d34379b5e0bcea2cf6f5ffc17794a5ef5710893b5bda15c3b972cc30a0d8991e89c9

  • SSDEEP

    12288:E6C0w9s0Dj3LF0JNjnmz0w8ajtzBwOhIzcJUE+Jpk+xzSL:Ex0w9s0DTLF0PKz0ruBNGoJUyyzSL

Score
7/10

Malware Config

Signatures

  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\15295bb31e99bc38aa3f699a18a33fa8.exe
    "C:\Users\Admin\AppData\Local\Temp\15295bb31e99bc38aa3f699a18a33fa8.exe"
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:2420

Network

MITRE ATT&CK Enterprise v15

Downloads