Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

Vacuum (2) (2).exe

windows7-x64

1

Vacuum (2) (2).exe

windows10-2004-x64

1

Resubmissions

07/01/2024, 22:13

240107-15e25afcbr 3

05/01/2024, 08:43

240105-km1ywagebq 3

Analysis

  • max time kernel
    0s
  • max time network
    59s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05/01/2024, 08:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Vacuum (2) (2).exe

  • Size

    6.0MB

  • MD5

    dc112d6f1dffbd1f1049413a493c41b3

  • SHA1

    3022f9f85d85735b000af193ae766b2576eee537

  • SHA256

    43d0cd2a2ebaf029a98545e0cd3b0013ae7564fe9e0e19b378e67c8b0737d29e

  • SHA512

    e47145277c4731a2ba513b699b2e1a380b7a3733658c2d7719d53a287f4a60f13a66dc8d14688282343dfbe7501d4d81ff71fdceadf012135de0ad5948fc3472

  • SSDEEP

    98304:Yg09C7lJw/kngbjkEksToRep9fTqGAakUNP3e7NpGmtCgGig/XG+AhAXNhFg9e:MY7okn0rxqhak83MPfRQG+3Fgs

Score
1/10

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\Vacuum (2) (2).exe
    "C:\Users\Admin\AppData\Local\Temp\Vacuum (2) (2).exe"
    1⤵
      PID:4936
      • C:\Windows\SYSTEM32\cmd.exe
        "cmd.exe" /C wmic baseboard get serialnumber
        2⤵
          PID:3772
        • C:\Windows\SYSTEM32\cmd.exe
          "cmd.exe" /C wmic logicaldisk get volumeserialnumber
          2⤵
            PID:2360
          • C:\Windows\SYSTEM32\cmd.exe
            "cmd.exe" /C wmic CPU get Architecture
            2⤵
              PID:1588
            • C:\Windows\SYSTEM32\cmd.exe
              "cmd.exe" /C wmic path Win32_videocontroller get PNPDeviceID
              2⤵
                PID:5044
              • C:\Windows\SYSTEM32\cmd.exe
                "cmd.exe" /C wmic baseboard get serialnumber
                2⤵
                  PID:3104
                • C:\Windows\SYSTEM32\cmd.exe
                  "cmd.exe" /C wmic logicaldisk get volumeserialnumber
                  2⤵
                    PID:2808
                  • C:\Windows\SYSTEM32\cmd.exe
                    "cmd.exe" /C wmic CPU get Architecture
                    2⤵
                      PID:2972
                    • C:\Windows\SYSTEM32\cmd.exe
                      "cmd.exe" /C wmic path Win32_videocontroller get PNPDeviceID
                      2⤵
                        PID:2732
                    • C:\Windows\System32\Wbem\WMIC.exe
                      wmic path Win32_videocontroller get PNPDeviceID
                      1⤵
                        PID:3868
                      • C:\Windows\System32\Wbem\WMIC.exe
                        wmic CPU get Architecture
                        1⤵
                          PID:1468
                        • C:\Windows\System32\Wbem\WMIC.exe
                          wmic logicaldisk get volumeserialnumber
                          1⤵
                            PID:4080
                          • C:\Windows\System32\Wbem\WMIC.exe
                            wmic baseboard get serialnumber
                            1⤵
                              PID:2132
                            • C:\Windows\System32\Wbem\WMIC.exe
                              wmic path Win32_videocontroller get PNPDeviceID
                              1⤵
                                PID:2416
                              • C:\Windows\System32\Wbem\WMIC.exe
                                wmic CPU get Architecture
                                1⤵
                                  PID:3460
                                • C:\Windows\System32\Wbem\WMIC.exe
                                  wmic logicaldisk get volumeserialnumber
                                  1⤵
                                    PID:3208
                                  • C:\Windows\System32\Wbem\WMIC.exe
                                    wmic baseboard get serialnumber
                                    1⤵
                                      PID:5040

                                    Network

                                    MITRE ATT&CK Matrix

                                    Replay Monitor

                                    Loading Replay Monitor...

                                    Downloads

                                    • memory/4936-0-0x00000162FB050000-0x00000162FB650000-memory.dmp

                                      Filesize

                                      6.0MB

                                      Download

                                    • memory/4936-1-0x00007FFB99CF0000-0x00007FFB9A7B1000-memory.dmp

                                      Filesize

                                      10.8MB

                                      Download

                                    • memory/4936-2-0x00000162FDA60000-0x00000162FDB34000-memory.dmp

                                      Filesize

                                      848KB

                                      Download

                                    • memory/4936-3-0x00000162FDA50000-0x00000162FDA60000-memory.dmp

                                      Filesize

                                      64KB

                                      Download

                                    • memory/4936-4-0x00000162FF630000-0x00000162FF658000-memory.dmp

                                      Filesize

                                      160KB

                                      Download

                                    • memory/4936-6-0x00000162FF6C0000-0x00000162FF6F8000-memory.dmp

                                      Filesize

                                      224KB

                                      Download

                                    • memory/4936-9-0x00000162FDA50000-0x00000162FDA60000-memory.dmp

                                      Filesize

                                      64KB

                                      Download

                                    • memory/4936-8-0x00000162FDA50000-0x00000162FDA60000-memory.dmp

                                      Filesize

                                      64KB

                                      Download

                                    • memory/4936-7-0x00000162FF680000-0x00000162FF68E000-memory.dmp

                                      Filesize

                                      56KB

                                      Download

                                    • memory/4936-10-0x00000162FDA50000-0x00000162FDA60000-memory.dmp

                                      Filesize

                                      64KB

                                      Download

                                    • memory/4936-5-0x00000162FF670000-0x00000162FF678000-memory.dmp

                                      Filesize

                                      32KB

                                      Download

                                    • memory/4936-11-0x000001629C940000-0x000001629C9F2000-memory.dmp

                                      Filesize

                                      712KB

                                      Download

                                    • memory/4936-12-0x00000162FF860000-0x00000162FF882000-memory.dmp

                                      Filesize

                                      136KB

                                      Download

                                    • memory/4936-13-0x00007FFB99CF0000-0x00007FFB9A7B1000-memory.dmp

                                      Filesize

                                      10.8MB

                                      Download

                                    • memory/4936-14-0x00000162FDA50000-0x00000162FDA60000-memory.dmp

                                      Filesize

                                      64KB

                                      Download

                                    • memory/4936-16-0x00000162FDA50000-0x00000162FDA60000-memory.dmp

                                      Filesize

                                      64KB

                                      Download

                                    • memory/4936-15-0x00000162FDA50000-0x00000162FDA60000-memory.dmp

                                      Filesize

                                      64KB

                                      Download