Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

2a5d353ab9...24.exe

windows7-x64

1

2a5d353ab9...24.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    151s
  • max time network
    157s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25/12/2023, 15:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2a5d353ab93d92d4da5018ef2ef34624.exe

  • Size

    220KB

  • MD5

    2a5d353ab93d92d4da5018ef2ef34624

  • SHA1

    79ff26ad84841d85270660b161171da24f3443ea

  • SHA256

    441d7525ba021bc950e7abcaf1400d8023e6e58712ecf1c2a118bbd91f810943

  • SHA512

    b8a6c1684d167fb12ff63d45bc983a03e37d34538c6b75387f9367b7ef0e2f1628172760ffe1d906921191841703bb5d534773cdee862195eb99db9972b536c7

  • SSDEEP

    6144:tGEkRDc+jY2ZuoMpQHbkEiIvOT4l4RD7qCoS:c9lVMpQbkGo42RjoS

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2a5d353ab93d92d4da5018ef2ef34624.exe
    "C:\Users\Admin\AppData\Local\Temp\2a5d353ab93d92d4da5018ef2ef34624.exe"
    1⤵
      PID:3424
    • C:\Windows\system32\AUDIODG.EXE
      C:\Windows\system32\AUDIODG.EXE 0x510 0x4a0
      1⤵
      • Suspicious use of AdjustPrivilegeToken
      PID:820

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3424-0-0x0000000000400000-0x00000000004AC000-memory.dmp

      Filesize

      688KB

      Download

    • memory/3424-1-0x0000000000400000-0x00000000004AC000-memory.dmp

      Filesize

      688KB

      Download

    • memory/3424-4-0x0000000000AB0000-0x0000000000AB1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/3424-3-0x0000000000400000-0x00000000004AC000-memory.dmp

      Filesize

      688KB

      Download

    • memory/3424-5-0x0000000000400000-0x00000000004AC000-memory.dmp

      Filesize

      688KB

      Download

    • memory/3424-6-0x0000000000400000-0x00000000004AC000-memory.dmp

      Filesize

      688KB

      Download

    • memory/3424-7-0x0000000000400000-0x00000000004AC000-memory.dmp

      Filesize

      688KB

      Download

    • memory/3424-8-0x0000000000400000-0x00000000004AC000-memory.dmp

      Filesize

      688KB

      Download

    • memory/3424-9-0x0000000000AB0000-0x0000000000AB1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/3424-10-0x0000000000400000-0x00000000004AC000-memory.dmp

      Filesize

      688KB

      Download

    • memory/3424-11-0x0000000000400000-0x00000000004AC000-memory.dmp

      Filesize

      688KB

      Download

    • memory/3424-12-0x0000000000400000-0x00000000004AC000-memory.dmp

      Filesize

      688KB

      Download

    • memory/3424-13-0x0000000000400000-0x00000000004AC000-memory.dmp

      Filesize

      688KB

      Download

    • memory/3424-14-0x0000000000400000-0x00000000004AC000-memory.dmp

      Filesize

      688KB

      Download

    • memory/3424-15-0x0000000000400000-0x00000000004AC000-memory.dmp

      Filesize

      688KB

      Download

    • memory/3424-16-0x0000000000400000-0x00000000004AC000-memory.dmp

      Filesize

      688KB

      Download

    • memory/3424-17-0x0000000000400000-0x00000000004AC000-memory.dmp

      Filesize

      688KB

      Download