Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

4c48924269...71.exe

windows7-x64

7

4c48924269...71.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    0s
  • max time network
    144s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    26/12/2023, 02:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4c48924269a6d9696b86b5fa6685ff71.exe

  • Size

    420KB

  • MD5

    4c48924269a6d9696b86b5fa6685ff71

  • SHA1

    d2e8171d3090ef5f5a018fcddcd4e87f6610d6a7

  • SHA256

    5d750bbac8bb5f7679c939b5eb4009083e8876b4318722b4ed199989efe5b49e

  • SHA512

    2ec3865a8fa47e003648063fa3c873bda4cf5765539862393d22c5d8f2a30ad8964520c10915d67abde7e9e66ce3421288cb4f3ead3ca5cfe2a57af99bdfe443

  • SSDEEP

    12288:ewaA3t7VPRw+8cOSQN2jyGFyFjISvfsJJa/oSdp:xpbw+8cze/jL4U7p

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\4c48924269a6d9696b86b5fa6685ff71.exe
    "C:\Users\Admin\AppData\Local\Temp\4c48924269a6d9696b86b5fa6685ff71.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:4928

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\GetRightToGo\4c48924269a6d9696b86b5fa6685ff71.data
    Filesize

    865B

    MD5

    e0a8deab4ac349f921506330849081dc

    SHA1

    637f2edc1fae3e14681c8a7ce0befde91666ca99

    SHA256

    d04ff52580db429f01e6ab276026f49dfdbf56ae277c0aac5f19b74d6a46511c

    SHA512

    b46a0d6a84ace7b3778bf3d8e3c9e94420222d98a708b9ee87f0dc12028070c4da678786fcd8723e75c91fd33c9950cc8294abdee68e0854458bd902222c6336

    Download Submit

  • C:\Users\Admin\AppData\Roaming\GetRightToGo\4c48924269a6d9696b86b5fa6685ff71.htm
    Filesize

    87KB

    MD5

    2290e78ddaffaa73838e9a67d679cbc7

    SHA1

    5e2583a2c5bad107c82cab2a495d559e1385ae41

    SHA256

    ca6005b88259d61bfc9943b1236cd4f6f12833f3134a3c1553545247d95aca2d

    SHA512

    a2c6ae503b264e30925c685efb6389175138fb809989d5e4c61e62345662c0d7a6e0de57c6a8f883209c7bf613c6be3fb4ca2031876d562271c8b111ad338abc

    Download Submit

  • memory/4928-0-0x0000000000400000-0x0000000000602000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/4928-43-0x0000000000400000-0x0000000000602000-memory.dmp

    Filesize

    2.0MB

    Download