Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

SecuriteIn...87.exe

windows7-x64

8

SecuriteIn...87.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    150s
  • max time network
    144s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23/01/2024, 08:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SecuriteInfo.com.Win64.TrojanX-gen.25987.exe

  • Size

    1.2MB

  • MD5

    96303d7045fe1884fcb1a1eceb8b1d54

  • SHA1

    375fcf2c71c73542619a31b29a60a9cefac47ee1

  • SHA256

    c853c30b38a8b70d21f652256707eb2efac85c997618d27e97e082682b2404ee

  • SHA512

    6c011c1b8c2dea90fd7458e459959b0b97927cda23ca48da57471d5556c390c2ad8e2719d3d25b2369635ee235c8e437df2202557423b6885c79844f6d39fafd

  • SSDEEP

    24576:yapOBaEqPEM3Kom6LV9VDevAP3I//h0lhSMXlrCnl6e4X12Kw:npOBZM33V9mf/+mn4H

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Win64.TrojanX-gen.25987.exe
    "C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Win64.TrojanX-gen.25987.exe"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    PID:4988

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\7V1N9ZS9\Roboto-Regular[1].htm
    Filesize

    162B

    MD5

    4f8e702cc244ec5d4de32740c0ecbd97

    SHA1

    3adb1f02d5b6054de0046e367c1d687b6cdf7aff

    SHA256

    9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

    SHA512

    21047fea5269fee75a2a187aa09316519e35068cb2f2f76cfaf371e5224445e9d5c98497bd76fb9608d2b73e9dac1a3f5bfadfdc4623c479d53ecf93d81d3c9f

    Download Submit

  • C:\Users\Admin\AppData\Roaming\BVTRUYTTRhy\Default.theme
    Filesize

    41KB

    MD5

    f73732b7af1501453bdf8a445d540dfd

    SHA1

    70227a7137cef04124e19fec2533838a147fd65b

    SHA256

    49406994946241106a7e0ed6e590c5a1166382d3d429ef5a05d1313364433312

    SHA512

    839a343ba4b808b29e7d3e548d94f3b3579fb165e75156797c7ec573bf9a96b20f027f116fbecb96b1ccc6efa0e257cfb877058ceb8232cf85c5972acaf780bc

    Download Submit

  • C:\Users\Admin\AppData\Roaming\BVTRUYTTRhy\outline.json
    Filesize

    2.7MB

    MD5

    67add4e11bfd289b0bdbfd51d43d19ca

    SHA1

    e73476ac1bb3fb4167fe860e62f6bce0bab82f2b

    SHA256

    cd2cb7696feaea6b9643a036fb9695883fbd531013305a57b6db531d5a348a87

    SHA512

    f2ecc71a5cc9cffa765411e999d003238b13132463fb8f2d0c5b79a7c9f5e9216a7da31ad751654c46785d6e4d05c940c9ac59a614fb7c9edbf9bb554f11f42a

    Download Submit