Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

3

f798429a9e...cf.exe

windows7-x64

6

f798429a9e...cf.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    37s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28/12/2023, 20:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f798429a9ee3540c816cf23c4f9ab5cf.exe

  • Size

    131KB

  • MD5

    f798429a9ee3540c816cf23c4f9ab5cf

  • SHA1

    4f9ed4cef86c10ed42e1f33508e4cf270f903219

  • SHA256

    e5691b40c4b0ba6e8d7a7087a153d6b2ae2b59426fc32341b60f4374e2c7facc

  • SHA512

    8b6019948ba75f88cb6c9b1457fe4cb7a81e875a1a83fde4242897190ea4db7535d59f3a6045e4ef9c1ae3fa3b852f114741f1f40193ac6654f4e21efc61eec2

  • SSDEEP

    3072:wQFHCS3oIU157MVbHtLnWWyqMdyrOjUlrCOTzffu6J2N7o9/:wQwS9tHtD3bMdGuIz3u22N+

Score
6/10
persistence

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Modifies Internet Explorer settings 1 TTPs 1 IoCs
    adwarespyware
  • Suspicious behavior: EnumeratesProcesses 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f798429a9ee3540c816cf23c4f9ab5cf.exe
    "C:\Users\Admin\AppData\Local\Temp\f798429a9ee3540c816cf23c4f9ab5cf.exe"
    1⤵
    • Adds Run key to start application
    • Modifies Internet Explorer settings
    • Suspicious behavior: EnumeratesProcesses
    PID:2208

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2208-2-0x0000000000400000-0x0000000000440000-memory.dmp

    Filesize

    256KB

    Download

  • memory/2208-1-0x0000000000600000-0x000000000062C000-memory.dmp

    Filesize

    176KB

    Download

  • memory/2208-25789-0x0000000000400000-0x0000000000440000-memory.dmp

    Filesize

    256KB

    Download

  • memory/2208-53254-0x0000000000400000-0x0000000000440000-memory.dmp

    Filesize

    256KB

    Download

  • memory/2208-67344-0x0000000000400000-0x0000000000440000-memory.dmp

    Filesize

    256KB

    Download

  • memory/2208-80838-0x0000000000400000-0x0000000000440000-memory.dmp

    Filesize

    256KB

    Download

  • memory/2208-98367-0x0000000004340000-0x0000000004341000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2208-98366-0x0000000004340000-0x0000000004341000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2208-98365-0x0000000004330000-0x0000000004331000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2208-98368-0x0000000000400000-0x0000000000440000-memory.dmp

    Filesize

    256KB

    Download

  • memory/2208-98369-0x0000000000400000-0x0000000000440000-memory.dmp

    Filesize

    256KB

    Download

  • memory/2208-98371-0x0000000004340000-0x0000000004341000-memory.dmp

    Filesize

    4KB

    Download