Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

1705809ef1...e9.exe

windows7-x64

1

1705809ef1...e9.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    145s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    30/12/2023, 11:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1705809ef12c68bcb76de795f5be70e9.exe

  • Size

    653KB

  • MD5

    1705809ef12c68bcb76de795f5be70e9

  • SHA1

    ca2364016dc3e888acc1b60b4c232c1cd222f7d1

  • SHA256

    51dd18775d6de9a0ad24a3087b6ae5d98d5f98808a7803e78664b6de62d1017b

  • SHA512

    7847034bca068ad9582cc043e4b6020c664fe39dc21ab013c1ba1020535488b94b91ade93d6de4dd0c123560aa94c7eea6f9146c49a398adf55573d2dcd69258

  • SSDEEP

    12288:gE0f86mBu9txwMhhZaASAyppOxyGk2EmiXapm1fqJUVmRugr:gE0EEbwMhhZarp0xRkHXao+KmRua

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 58 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1705809ef12c68bcb76de795f5be70e9.exe
    "C:\Users\Admin\AppData\Local\Temp\1705809ef12c68bcb76de795f5be70e9.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:1592

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1592-0-0x0000000002250000-0x0000000002251000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1592-1-0x0000000000400000-0x00000000004AA000-memory.dmp

    Filesize

    680KB

    Download

  • memory/1592-2-0x0000000000400000-0x00000000004AA000-memory.dmp

    Filesize

    680KB

    Download

  • memory/1592-3-0x0000000002250000-0x0000000002251000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1592-4-0x0000000000400000-0x00000000004AA000-memory.dmp

    Filesize

    680KB

    Download

  • memory/1592-5-0x0000000000400000-0x00000000004AA000-memory.dmp

    Filesize

    680KB

    Download

  • memory/1592-6-0x0000000000400000-0x00000000004AA000-memory.dmp

    Filesize

    680KB

    Download

  • memory/1592-7-0x0000000000400000-0x00000000004AA000-memory.dmp

    Filesize

    680KB

    Download

  • memory/1592-8-0x0000000000400000-0x00000000004AA000-memory.dmp

    Filesize

    680KB

    Download

  • memory/1592-9-0x0000000000400000-0x00000000004AA000-memory.dmp

    Filesize

    680KB

    Download

  • memory/1592-10-0x0000000000400000-0x00000000004AA000-memory.dmp

    Filesize

    680KB

    Download

  • memory/1592-11-0x0000000000400000-0x00000000004AA000-memory.dmp

    Filesize

    680KB

    Download

  • memory/1592-12-0x0000000000400000-0x00000000004AA000-memory.dmp

    Filesize

    680KB

    Download

  • memory/1592-13-0x0000000000400000-0x00000000004AA000-memory.dmp

    Filesize

    680KB

    Download

  • memory/1592-14-0x0000000000400000-0x00000000004AA000-memory.dmp

    Filesize

    680KB

    Download

  • memory/1592-15-0x0000000000400000-0x00000000004AA000-memory.dmp

    Filesize

    680KB

    Download