Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

8d88b6afcf...3f.exe

windows7-x64

10

8d88b6afcf...3f.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    0s
  • max time network
    139s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    26/12/2023, 20:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8d88b6afcfdf51afa91d7fbdbda3123f.exe

  • Size

    3.7MB

  • MD5

    8d88b6afcfdf51afa91d7fbdbda3123f

  • SHA1

    8992be4a6ad43f41f4098f5f6e16c52ce1a15128

  • SHA256

    f1a5c8f4f3ab1e52cb2b85da2c0a0a1196600d77864b2a08f10994df7ca19e47

  • SHA512

    1df17fbc715acee1c6a8067372c08e6566b50a92840af6d3369d00cf6f0cad9256f5d16f22f57055db89a9fb10520506f51f97eabf5177201f31fe9119df1527

  • SSDEEP

    98304:ebvEDT/eSXK4YubNjNS/AAjz0h+9I/E9rep:eE/LYuFNp4++hSp

Score
6/10

Malware Config

Signatures

  • Looks up external IP address via web service 2 IoCs

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\8d88b6afcfdf51afa91d7fbdbda3123f.exe
    "C:\Users\Admin\AppData\Local\Temp\8d88b6afcfdf51afa91d7fbdbda3123f.exe"
    1⤵
      PID:4432
      • C:\Users\Admin\AppData\Local\Temp\cryptTROJAN.sfx.exe
        "C:\Users\Admin\AppData\Local\Temp\cryptTROJAN.sfx.exe"
        2⤵
          PID:3524
          • C:\Users\Admin\AppData\Local\Temp\cryptTROJAN.exe
            "C:\Users\Admin\AppData\Local\Temp\cryptTROJAN.exe"
            3⤵
              PID:4576

        Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\cryptTROJAN.sfx.exe
          Filesize

          92KB

          MD5

          30a9ecd87ef83fad4841504b594bcd70

          SHA1

          fe121605773f4399ef4b0e8a7926212ae325a072

          SHA256

          c0dd995ff69e6120827b39e38541842f23c90338aeb439c6dbd9d64de72326f1

          SHA512

          e048693070bb740e5fab42212c4b263b4b7895f51dc89f5b1797acc404fbbe3553dfb216ec54475c2b95dc8bddea951d079094118ba06a8c7b9d1aa0d41af710

          Download Submit

        • memory/4576-23-0x00000000003F0000-0x000000000079C000-memory.dmp

          Filesize

          3.7MB

          Download

        • memory/4576-26-0x00000000003F0000-0x000000000079C000-memory.dmp

          Filesize

          3.7MB

          Download

        • memory/4576-25-0x0000000073A30000-0x00000000741E0000-memory.dmp

          Filesize

          7.7MB

          Download

        • memory/4576-27-0x0000000005850000-0x0000000005860000-memory.dmp

          Filesize

          64KB

          Download

        • memory/4576-28-0x0000000006140000-0x00000000061D2000-memory.dmp

          Filesize

          584KB

          Download

        • memory/4576-24-0x00000000003F0000-0x000000000079C000-memory.dmp

          Filesize

          3.7MB

          Download

        • memory/4576-61-0x0000000006C90000-0x0000000007234000-memory.dmp

          Filesize

          5.6MB

          Download

        • memory/4576-157-0x0000000006B40000-0x0000000006BA6000-memory.dmp

          Filesize

          408KB

          Download

        • memory/4576-161-0x00000000003F0000-0x000000000079C000-memory.dmp

          Filesize

          3.7MB

          Download

        • memory/4576-162-0x0000000073A30000-0x00000000741E0000-memory.dmp

          Filesize

          7.7MB

          Download