Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
1792s -
max time network
1477s -
platform
windows10-2004_x64 -
resource
win10v2004-20231222-en -
resource tags
-
submitted
03/02/2024, 11:58
General
-
Target
MPC-HC.2.1.4.x64.exe
-
Size
19.4MB
-
MD5
11abd96e10220e65d99c8504f5a418fc
-
SHA1
891fde187e7993d827d830a8220dc5be5bdde7dc
-
SHA256
13a6ed1dd19667b6c1786988f97add9459c94f184bd74a7dbfe42ffe11a3de79
-
SHA512
7330b8bd902bccbd25d97b55b58f9cf0bd5f22c411a5972753c1524ff28df17ab05df3d538fcbb59dae070b4970b5c634158a19a7536122db253eab3a81fb241
-
SSDEEP
393216:GPliBzNy+SaOyTFwC/M0RHljy832k5wL7lGVVL1ZG2TmHbZqe:GPliBWaTiCPys5EoVVZI2Tmt
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\MPC-HC.2.1.4.x64.exe"C:\Users\Admin\AppData\Local\Temp\MPC-HC.2.1.4.x64.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\is-66Q9V.tmp\MPC-HC.2.1.4.x64.tmp"C:\Users\Admin\AppData\Local\Temp\is-66Q9V.tmp\MPC-HC.2.1.4.x64.tmp" /SL5="$7004A,19702848,185856,C:\Users\Admin\AppData\Local\Temp\MPC-HC.2.1.4.x64.exe"2⤵
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
1.2MB
MD597e8309859a8f2e96633f3abad8727f0
SHA1ce2ef7c09f5aa0ed58dad798aad65ddc339dd22f
SHA25690df18eb06d199c583544f179b1bb466a6fd59736d4b0dbac35c8dd3fba9a425
SHA5128fd3450d77ce409b2621fd04475636431b57a4301a883b831b17cdf19ba345dd7d827a9076c11383697e4eab19d3060de8e67ecaee6d0b9f79b2201e5a773160
-
Filesize
4KB
-
Filesize
1.2MB
-
Filesize
4KB
-
Filesize
220KB
-
Filesize
220KB
-
Filesize
220KB