Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
97s -
max time network
122s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
13/02/2024, 04:37
General
-
Target
d332554c641a77dd70562f87ea9675f8.exe
-
Size
384KB
-
MD5
d332554c641a77dd70562f87ea9675f8
-
SHA1
bfb077f355ab2fc1c6fb322970e109bcc63edfe1
-
SHA256
e6deb06b9b5e6494412c55c2b430c8921aa056960d262df1577d5f381ca83c8f
-
SHA512
aa5bcd46fa1d88dae84a264dcde359f7e99f6b99c3ed7c751b801778b116ddc398b86a9c45932791e04963dd60910a863e7bd3b85741ef5a043d8cf051326a70
-
SSDEEP
6144:drxfv4co9ZL3GBGgjODxbf7hHGbGQDvE1ZuGg9LSVQoJfCmf2F2LjbNW27Z:Zm48gODxbzoDwEG5eoJfCmA2PbLZ
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\d332554c641a77dd70562f87ea9675f8.exe"C:\Users\Admin\AppData\Local\Temp\d332554c641a77dd70562f87ea9675f8.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\471B.tmp"C:\Users\Admin\AppData\Local\Temp\471B.tmp" --pingC:\Users\Admin\AppData\Local\Temp\d332554c641a77dd70562f87ea9675f8.exe FA29A1CA12C6D2848BE590FD493C754EB8E086D4CECC1AE10EA2D75111CAB51499C2BF67712EF15398DA53D79A129182E65195FF04CEF8BEF6A769561F6ECB5D2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
384KB
MD5c4d6f6998a4faa721cc32445619a1d7f
SHA1d8f1e0205b30dd371153443ce535408991268750
SHA256101c91f627763416b01a0dc82c91715199c9cd5a0a5afab8917ca01f78a60d71
SHA512df0852dc8e6538f7d2c04f9b3680ac8f50f8c59abefbb22fab5018256003b1383402e1bde71e9d0eac8fd4a7331104e18597151a635c95ae5c69b843c4ef3fbb