Analysis
max time kernel: 121s
max time network: 127s
platform: windows7_x64
resource: win7-20231215-en
resource tags: arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
submitted: 25/12/2023, 19:37
Behavioral task behavioral1: Sample bnbz.tk/bnbz.tk.url, Resource win7-20231215-en
Behavioral task behavioral2: Sample bnbz.tk/bnbz.tk.url, Resource win10v2004-20231215-en
Behavioral task behavioral3: Sample bnbz.tk/xtw.dll, Resource win7-20231215-en
Behavioral task behavioral4: Sample bnbz.tk/xtw.dll, Resource win10v2004-20231215-en
Behavioral task behavioral5: Sample bnbz.tk/xtw.exe, Resource win7-20231215-en
Behavioral task behavioral6: Sample bnbz.tk/xtw.exe, Resource win10v2004-20231215-en
Behavioral task behavioral7: Sample bnbz.tk/xtw.dll, Resource win7-20231215-en
Behavioral task behavioral8: Sample bnbz.tk/xtw.dll, Resource win10v2004-20231215-en
General
Target: bnbz.tk/xtw.exe
Size: 1.6MB
MD5: c2d96dbb902b72a686fff1cc4ad028ce
SHA1: cb951fe6b7e1ae9863846b0ebc38d951a9525278
SHA256: d31cf94ca55682ba051ab45f66ce6fcbd55d7628f5561190baf1c2a553ab3d27
SHA512: fc60ac6c74b3bffd6f925fc78d255c1b2a4228fe72dac5341aec4e3be885e306b5fb302d8ff2c2c92ceb3b140b5c0d2800fa5c971c3f987d825208b1b85fefe0
SSDEEP: 24576:BcDCA0+uNY40ZKJ/FLSfCBzZ7R/PCU2QLuSggRu5yq2SVQ:BatOJiMl9/PC7QL/joF2p
Malware Config
Signatures
Suspicious behavior: EnumeratesProcesses (4 IoCs)
pid 1200, Process xtw.exe
pid 1200, Process xtw.exe
pid 1200, Process xtw.exe
pid 1200, Process xtw.exe
Suspicious use of AdjustPrivilegeToken (1 IoCs)
description Token: SeDebugPrivilege, pid 1200, Process xtw.exe
Suspicious use of SetWindowsHookEx (2 IoCs)
pid 1200, Process xtw.exe
pid 1200, Process xtw.exe