Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
143s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
24/01/2024, 10:44
General
-
Target
7205dcffb1696a4c427ad4eb2cf6b4a2.exe
-
Size
19KB
-
MD5
7205dcffb1696a4c427ad4eb2cf6b4a2
-
SHA1
bca3708cc028d5f541579839448b32bb81ee9f6c
-
SHA256
acc75b97c44c074c302f287fabb1b1ced50bb08ac01cf0281b9d5b6a27befac3
-
SHA512
e0ab2d4f4ce30d277d66b64da1da56de0d914506436cf4511b60f0b2062d5582dc9321ca5a3597c2f40bd9d9a7462c8e24731e9edb27fc4112679a7bd4b5f749
-
SSDEEP
384:m9aHrWRiM1Z3Wq6JVYNCA1BDrYLR7PcThAsQ3/z7Q+sQUADQ:wwrWgM1kjYNLTIR7EThAsQ3r7Q+Xjs
Score
7/10
Malware Config
Signatures
-
UPX packed file 5 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Program crash 1 IoCs
-
Suspicious use of AdjustPrivilegeToken 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\7205dcffb1696a4c427ad4eb2cf6b4a2.exe"C:\Users\Admin\AppData\Local\Temp\7205dcffb1696a4c427ad4eb2cf6b4a2.exe"1⤵
- Suspicious use of AdjustPrivilegeToken
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 1480 -s 3122⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 444 -p 1480 -ip 14801⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
72KB
-
Filesize
72KB
-
Filesize
72KB
-
Filesize
72KB
-
Filesize
72KB