Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
144s -
max time network
146s -
platform
windows10-2004_x64 -
resource
win10v2004-20231222-en -
resource tags
-
submitted
14/02/2024, 12:33
General
-
Target
5bb2858e6948295afeaed5749401d718ca6f12760e493daea837ddaf9ba9a87f.exe
-
Size
767KB
-
MD5
c2503e9f6c6966ffd3d16f69c5981946
-
SHA1
f494255bf18659e7449b97e56f4e41acd5f30956
-
SHA256
5bb2858e6948295afeaed5749401d718ca6f12760e493daea837ddaf9ba9a87f
-
SHA512
63933380f87168f6374ecd63301ab3754caad29071cd6e8fdb2d041f030068bf7b25fb5f4e50f37b45928028d19f606070700acb0d3cebd774d6984b1b68122a
-
SSDEEP
12288:c7gKNkhm/JuyXnPB+h8WHNq/u9AAi4TnCf2KbCGrriUmiwFJxU72+:c7zNkhm5PBXKq/u9AAifTrri4wF6
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Drops file in System32 directory 1 IoCs
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\5bb2858e6948295afeaed5749401d718ca6f12760e493daea837ddaf9ba9a87f.exe"C:\Users\Admin\AppData\Local\Temp\5bb2858e6948295afeaed5749401d718ca6f12760e493daea837ddaf9ba9a87f.exe"1⤵
- Drops file in System32 directory
- Suspicious use of AdjustPrivilegeToken
-
C:\Windows\System32\alg.exeC:\Windows\System32\alg.exe1⤵
- Executes dropped EXE
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
661KB
MD5b810e3ef71181feb3f7af84171be4cf2
SHA1a24836f7fb2893c9f998205de8c99ef2ae766fa8
SHA2566e78b635b1d9bfabf914e15f9557c884b462e1b846085ae5d8589a73b216d51f
SHA5121ba001b596f36b9938471c2eaed5b5d99e6f7a27b9aa620afda5f7fbf607d09ceaa2224024e3720d29ef75d3e5f6590d0fb7673b8ad79b67ee81a02bb1e95cdb
-
Filesize
680KB
-
Filesize
680KB
-
Filesize
788KB
-
Filesize
412KB
-
Filesize
412KB
-
Filesize
788KB