Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
145s -
max time network
146s -
platform
windows10-2004_x64 -
resource
win10v2004-20231222-en -
resource tags
-
submitted
27/01/2024, 13:32
General
-
Target
f3f6363a33c2340703d2337aaa28a56422e75c6436a149f30a37efdc76a9a6d4.exe
-
Size
705KB
-
MD5
73aac1a1a9b6c434522fe3b0ad36b4de
-
SHA1
1de4560cdc3cc10369157d27b31aa1ce024aa0aa
-
SHA256
f3f6363a33c2340703d2337aaa28a56422e75c6436a149f30a37efdc76a9a6d4
-
SHA512
e3376af9b4861e999336c4764f5ee7c33d8a04b1f66161d8a24e22456fa61cfcb2809992e78684b56ed2079e44b5586dd5b779204ff4dce5b3c840d391dea7c9
-
SSDEEP
12288:kW9B+VOFT0Iviu1cEftqaDpUOvw07yHTmpTwF008SzgpJCAWRXz9K1/XtQtQtF:kW9BBTB71ckJtUOv3c8Tq0C0JCAWRSlr
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Drops file in System32 directory 1 IoCs
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\f3f6363a33c2340703d2337aaa28a56422e75c6436a149f30a37efdc76a9a6d4.exe"C:\Users\Admin\AppData\Local\Temp\f3f6363a33c2340703d2337aaa28a56422e75c6436a149f30a37efdc76a9a6d4.exe"1⤵
- Drops file in System32 directory
- Suspicious use of AdjustPrivilegeToken
-
C:\Windows\System32\alg.exeC:\Windows\System32\alg.exe1⤵
- Executes dropped EXE
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
61KB
MD51b1aee6325b16b7f360778a1cefa92b2
SHA133dffbdb0fe25c6d6ab646eb6b11cd3f1c2bc360
SHA2566e628c6a71040e946eb991429e5f5ab621c13a1ae24e353a15f18caf29a4d4a7
SHA512d033c68715b5013b9b631e087cdf53ee3a70a4b409f406e135dd494b24be5e3a97ffb648f68ae34ad07f74d4227754652c134c8321d071fbd0a883deb8b74069
-
Filesize
724KB
-
Filesize
408KB
-
Filesize
724KB
-
Filesize
408KB
-
Filesize
680KB
-
Filesize
680KB