Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

0835446f91...fa.exe

windows7-x64

7

0835446f91...fa.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    149s
  • max time network
    148s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    30/12/2023, 00:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0835446f91d7e4021b85805a981560fa.exe

  • Size

    6KB

  • MD5

    0835446f91d7e4021b85805a981560fa

  • SHA1

    2ee9690c8538befe9a819ce468922703f07dc701

  • SHA256

    0bb6b860af7efaafa9cf2dcd81fc19529847f8c35f0908340e44e6ac25cc917e

  • SHA512

    f6752f9b4db3cf20216ce0a420faa47f6fbf16e12ed1936b6732c56c4b9e8dc9ec89a7f8fa81f943abc479c72a29711241b1ffc654c06b7dfecb837788ff1d7b

  • SSDEEP

    96:fvl7yOWeX42MDdsZl0veZBA8UZBooSw59K36ppBuXnjhg9Y:V7xsvuZln8ZBooSklOjh4Y

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\0835446f91d7e4021b85805a981560fa.exe
    "C:\Users\Admin\AppData\Local\Temp\0835446f91d7e4021b85805a981560fa.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of WriteProcessMemory
    PID:4060
    • C:\Windows\SysWOW64\cmd.exe
      C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\4AA5.bat
      2⤵
        PID:688

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\4AA5.bat
      Filesize

      183B

      MD5

      3b2de6fdc0fd68c07bac598612864f45

      SHA1

      3505a2470a44a027698918ae5e8209a10638b233

      SHA256

      8f6f2d3f0305b8c1cdd4446ba058605ff79484eb54c224bec5c495d3b1e9ddda

      SHA512

      6dea8bcc173f1d25fce400bfb051f20173d57eff8f852dcfa16b55b2f7e4a6a63c7088bacb39eb91fa0aa97bad6682ac1c8b3d29e32ceb8aa48731d0ac68667f

      Download Submit

    • memory/4060-0-0x0000000000400000-0x0000000000409000-memory.dmp

      Filesize

      36KB

      Download

    • memory/4060-3-0x0000000000400000-0x0000000000409000-memory.dmp

      Filesize

      36KB

      Download