Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

3

5586be6ae9...61.exe

windows7-x64

6

5586be6ae9...61.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    150s
  • max time network
    146s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12/01/2024, 04:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5586be6ae9e73a69234b9d3135fb1961.exe

  • Size

    237KB

  • MD5

    5586be6ae9e73a69234b9d3135fb1961

  • SHA1

    1e7fe6d2db30e7d9402ef5194a4075fc40fd8632

  • SHA256

    22bd7b7309bab79b833a258be7aa919bcc4f904b242dc8d10a42ab44e8e9fee8

  • SHA512

    d0320ca7e71dd11e93c78d289d3caa08908d0fe0a2cab60fa06654e3dee7c73efbd0e3ff454c310dc9ebc38ab0cadc27a4bcf40597b870d04fda99241f91c5c6

  • SSDEEP

    3072:LAkb8JgrIEkdjuPWCakVm6fIlixW7lkSuCKdT5hUFQwQ7t3ecIQKawfEU6q1RTGw:LQaB57Vm63CLvxds29/

Score
6/10
evasionpersistencetrojan

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • Suspicious behavior: EnumeratesProcesses 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5586be6ae9e73a69234b9d3135fb1961.exe
    "C:\Users\Admin\AppData\Local\Temp\5586be6ae9e73a69234b9d3135fb1961.exe"
    1⤵
    • Adds Run key to start application
    • Checks whether UAC is enabled
    • Suspicious behavior: EnumeratesProcesses
    PID:1488

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1488-0-0x0000000000400000-0x0000000000440000-memory.dmp

    Filesize

    256KB

    Download

  • memory/1488-2-0x0000000000400000-0x0000000000428000-memory.dmp

    Filesize

    160KB

    Download

  • memory/1488-1-0x00000000005E0000-0x0000000000608000-memory.dmp

    Filesize

    160KB

    Download