Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

3

48094140be...92.exe

windows7-x64

6

48094140be...92.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    154s
  • max time network
    168s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    26/12/2023, 01:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    48094140be0c6f32765c7d795ae43d92.exe

  • Size

    37KB

  • MD5

    48094140be0c6f32765c7d795ae43d92

  • SHA1

    26c4a2a8a24f579c8405e751872c97969de460fb

  • SHA256

    5db26b8d873ad142e55e69eb37222ece5f44d6f0e1f330a6a5f90786c2b95467

  • SHA512

    b7b68f43084aeb2d589d42238440f9b725e7a865ca788fbd23c6022e0ee223a621c5ac3853c11cefd45d29c430f2f3a1955b7f5a0e6930006b5294a31f1a3a8a

  • SSDEEP

    768:qyqEjdD97PGaBvWSGoXwCCidV+AZF2sC9/O9772CF:DjlRnBuoACC2V+AasC9/2

Score
6/10
persistence

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Suspicious behavior: RenamesItself 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\48094140be0c6f32765c7d795ae43d92.exe
    "C:\Users\Admin\AppData\Local\Temp\48094140be0c6f32765c7d795ae43d92.exe"
    1⤵
    • Adds Run key to start application
    • Suspicious behavior: RenamesItself
    PID:3192

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3192-0-0x0000000000400000-0x0000000000424000-memory.dmp

    Filesize

    144KB

    Download

  • memory/3192-1-0x0000000000400000-0x0000000000424000-memory.dmp

    Filesize

    144KB

    Download

  • memory/3192-2-0x00000000001C0000-0x00000000001C3000-memory.dmp

    Filesize

    12KB

    Download

  • memory/3192-3-0x0000000000400000-0x0000000000424000-memory.dmp

    Filesize

    144KB

    Download

  • memory/3192-4-0x0000000000400000-0x0000000000424000-memory.dmp

    Filesize

    144KB

    Download

  • memory/3192-6-0x00000000001C0000-0x00000000001C3000-memory.dmp

    Filesize

    12KB

    Download

  • memory/3192-15-0x0000000000400000-0x0000000000424000-memory.dmp

    Filesize

    144KB

    Download

  • memory/3192-16-0x0000000000400000-0x0000000000424000-memory.dmp

    Filesize

    144KB

    Download