Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

1

52b41314d0...89.exe

windows7-x64

6

52b41314d0...89.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    145s
  • max time network
    83s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    11/01/2024, 05:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    52b41314d0b7af17b09a711bd699b889.exe

  • Size

    340KB

  • MD5

    52b41314d0b7af17b09a711bd699b889

  • SHA1

    db9b5e1697e6891ce6e2964ed91aba741bc7ee4c

  • SHA256

    167b3660e3582dcaca6b920c28914d60049486db67de585145afde571d00f125

  • SHA512

    1a80f4b427dc242063540a06183662bebd443bdb1de3cca92b654ffcb5d6c5666bea63888220257bbd9ca3990a8ed47346fc2ef905ad47cc76b29a8bde37f3f4

  • SSDEEP

    6144:NrxRVX3qSsO1s2rqg9CRKNpFk2P/ykDsyMraNkvkH:NFaSs5Sq4CRKNpFB6haNkvkH

Score
6/10

Malware Config

Signatures

  • Maps connected drives based on registry 3 TTPs 2 IoCs

    Disk information is often read in order to detect sandboxing environments.

  • Drops file in Windows directory 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\52b41314d0b7af17b09a711bd699b889.exe
    "C:\Users\Admin\AppData\Local\Temp\52b41314d0b7af17b09a711bd699b889.exe"
    1⤵
    • Maps connected drives based on registry
    • Drops file in Windows directory
    PID:1508

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1508-0-0x00000000014B0000-0x00000000014B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1508-3-0x00000000014E0000-0x00000000014E1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1508-4-0x0000000001510000-0x0000000001539000-memory.dmp

    Filesize

    164KB

    Download

  • memory/1508-12-0x0000000005710000-0x0000000005737000-memory.dmp

    Filesize

    156KB

    Download

  • memory/1508-18-0x0000000001510000-0x0000000001539000-memory.dmp

    Filesize

    164KB

    Download

  • memory/1508-16-0x0000000001510000-0x0000000001539000-memory.dmp

    Filesize

    164KB

    Download

  • memory/1508-9-0x0000000001510000-0x0000000001539000-memory.dmp

    Filesize

    164KB

    Download

  • memory/1508-5-0x0000000001650000-0x000000000167F000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1508-1-0x00000000014C0000-0x00000000014C1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1508-2-0x00000000014D0000-0x00000000014D1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1508-25-0x0000000001510000-0x0000000001539000-memory.dmp

    Filesize

    164KB

    Download