Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

78d0184ed9...41.exe

windows7-x64

3

78d0184ed9...41.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    149s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    27/01/2024, 00:37 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    78d0184ed9666389b41cc6adb2eafa41.exe

  • Size

    65KB

  • MD5

    78d0184ed9666389b41cc6adb2eafa41

  • SHA1

    0663a7d9f626af8748e5ffff5a2cbd1c71c147c8

  • SHA256

    7dad654c9ba23ff1f6d3346cfbe712163f25b84b322b87affaad78b6b5165671

  • SHA512

    038f09302473540cd18f9e79d6d35402004596f2d4705a516ff25ab7ad51b2e48295000d108e295d46714a014a173fa199681b1d8ffbd5846fcb0a6aafd10745

  • SSDEEP

    768:JQxkwifBsIKFZpcrkMEYEhA7P4RhAtmaZFb79U9MKAjBEigp/1k21m3uHRdMNDjF:J8kwiFTEhU4HDa1KkjWXta21mc/Mue9N

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\78d0184ed9666389b41cc6adb2eafa41.exe
    "C:\Users\Admin\AppData\Local\Temp\78d0184ed9666389b41cc6adb2eafa41.exe"
    1⤵
      PID:3608
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 3608 -s 396
        2⤵
        • Program crash
        PID:4732
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 3608 -ip 3608
      1⤵
        PID:5080

      Network

      • flag-us
        DNS
        13.86.106.20.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        13.86.106.20.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        194.178.17.96.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        194.178.17.96.in-addr.arpa
        IN PTR
        Response
        194.178.17.96.in-addr.arpa
        IN PTR
        a96-17-178-194deploystaticakamaitechnologiescom
      • flag-us
        DNS
        2.159.190.20.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        2.159.190.20.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        95.221.229.192.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        95.221.229.192.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        178.223.142.52.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        178.223.142.52.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        28.118.140.52.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        28.118.140.52.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        103.169.127.40.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        103.169.127.40.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        198.187.3.20.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        198.187.3.20.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        240.221.184.93.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        240.221.184.93.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        0.205.248.87.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        0.205.248.87.in-addr.arpa
        IN PTR
        Response
        0.205.248.87.in-addr.arpa
        IN PTR
        https-87-248-205-0lgwllnwnet
      • flag-us
        DNS
        43.229.111.52.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        43.229.111.52.in-addr.arpa
        IN PTR
        Response
      • flag-us
        DNS
        180.178.17.96.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        180.178.17.96.in-addr.arpa
        IN PTR
        Response
        180.178.17.96.in-addr.arpa
        IN PTR
        a96-17-178-180deploystaticakamaitechnologiescom
      • flag-us
        DNS
        169.117.168.52.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        169.117.168.52.in-addr.arpa
        IN PTR
        Response
      No results found
      • 8.8.8.8:53
        13.86.106.20.in-addr.arpa
        dns
        71 B
         157 B
         1
        1

        DNS Request

        13.86.106.20.in-addr.arpa

      • 8.8.8.8:53
        194.178.17.96.in-addr.arpa
        dns
        72 B
         137 B
         1
        1

        DNS Request

        194.178.17.96.in-addr.arpa

      • 8.8.8.8:53
        2.159.190.20.in-addr.arpa
        dns
        71 B
         157 B
         1
        1

        DNS Request

        2.159.190.20.in-addr.arpa

      • 8.8.8.8:53
        95.221.229.192.in-addr.arpa
        dns
        73 B
         144 B
         1
        1

        DNS Request

        95.221.229.192.in-addr.arpa

      • 8.8.8.8:53
        178.223.142.52.in-addr.arpa
        dns
        73 B
         147 B
         1
        1

        DNS Request

        178.223.142.52.in-addr.arpa

      • 8.8.8.8:53
        28.118.140.52.in-addr.arpa
        dns
        72 B
         158 B
         1
        1

        DNS Request

        28.118.140.52.in-addr.arpa

      • 8.8.8.8:53
        103.169.127.40.in-addr.arpa
        dns
        73 B
         147 B
         1
        1

        DNS Request

        103.169.127.40.in-addr.arpa

      • 8.8.8.8:53
        198.187.3.20.in-addr.arpa
        dns
        71 B
         157 B
         1
        1

        DNS Request

        198.187.3.20.in-addr.arpa

      • 8.8.8.8:53
        240.221.184.93.in-addr.arpa
        dns
        73 B
         144 B
         1
        1

        DNS Request

        240.221.184.93.in-addr.arpa

      • 8.8.8.8:53
        0.205.248.87.in-addr.arpa
        dns
        71 B
         116 B
         1
        1

        DNS Request

        0.205.248.87.in-addr.arpa

      • 8.8.8.8:53
        43.229.111.52.in-addr.arpa
        dns
        72 B
         158 B
         1
        1

        DNS Request

        43.229.111.52.in-addr.arpa

      • 8.8.8.8:53
        180.178.17.96.in-addr.arpa
        dns
        72 B
         137 B
         1
        1

        DNS Request

        180.178.17.96.in-addr.arpa

      • 8.8.8.8:53
        169.117.168.52.in-addr.arpa
        dns
        73 B
         147 B
         1
        1

        DNS Request

        169.117.168.52.in-addr.arpa

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/3608-0-0x0000000000400000-0x0000000000421000-memory.dmp

        Filesize

        132KB

        Download

      • memory/3608-1-0x0000000000400000-0x0000000000421000-memory.dmp

        Filesize

        132KB

        Download

      • memory/3608-2-0x0000000002170000-0x0000000002191000-memory.dmp

        Filesize

        132KB

        Download

      We care about your privacy.

      This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.