Analysis
max time kernel: 161s
max time network: 172s
platform: windows10-2004_x64
resource: win10v2004-20231215-en
resource tags: arch:x64, arch:x86, image:win10v2004-20231215-en, locale:en-us, os:windows10-2004-x64, system
submitted: 31/12/2023, 03:09
Static task: static1

Behavioral task: behavioral1
Sample: 25d27991b393130210e046d51b552f17.exe
Resource: win7-20231215-en

Behavioral task: behavioral2
Sample: 25d27991b393130210e046d51b552f17.exe
Resource: win10v2004-20231215-en
General
Target: 25d27991b393130210e046d51b552f17.exe
Size: 256KB
MD5: 25d27991b393130210e046d51b552f17
SHA1: 7a7b3e32fd84359c32fad793c11d1a7da2ec02be
SHA256: 71f3c7d35c6e83f4aee7b64b2d1bb05b56493e92a22fb6a0daad1155661e4ceb
SHA512: 32af8de4940f691a1bc03b03f6334931bfcf353edbe3de9bb7c8d0199bb7b0af7db882e34fab0527e902d32256e9f3276bf4c08098190ed18cb7ca18868d2e2f
SSDEEP: 3072:+OXovlkmLZusvgRRWiEK9Y3f5ujjveNreR8mtTBfmIyjM:B1gZu3W69Y3c3veVeR8mtTBbyjM
Malware Config
Signatures
Unexpected DNS network traffic destination 1 IoCs
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
description: Destination IP
ioc: 104.155.138.21
Suspicious behavior: EnumeratesProcesses 38 IoCs
pid: 5028
Process: 25d27991b393130210e046d51b552f17.exe
(the same pid and process are listed for every IoC)