Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

Job Interv...nt.dll

windows7-x64

1

Job Interv...nt.dll

windows10-2004-x64

1

Job Interv...ew.exe

windows7-x64

7

Job Interv...ew.exe

windows10-2004-x64

7

Job Interv...rm.dll

windows7-x64

6

Job Interv...rm.dll

windows10-2004-x64

6

Job Interv...gs.dll

windows7-x64

1

Job Interv...gs.dll

windows10-2004-x64

6

Job Interv...al.exe

windows7-x64

9

Job Interv...al.exe

windows10-2004-x64

9

Job Interv...40.dll

windows7-x64

3

Job Interv...40.dll

windows10-2004-x64

3

Job Interv...32.dll

windows7-x64

1

Job Interv...32.dll

windows10-2004-x64

6

Job Interv...40.dll

windows7-x64

3

Job Interv...40.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    118s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    29/02/2024, 05:27 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Job Interview/essential.exe

  • Size

    4.7MB

  • MD5

    4ed5d74a746461d3faa9f96995a1eec8

  • SHA1

    d9d513e6ddfe9e83df4540deed3c421f80c5ec41

  • SHA256

    23f6cefdce551431675506cb1c438feb2c66d38d1c77ebefe0fd5042e677ff80

  • SHA512

    d9d632a337b091ce8682197fb77b29e201fbd3113d988bfa69d6c7f672e05bd958147221afdbaa1baa8269a6d35d8aca522b1011bbd32fa4485427f28dc3f0ed

  • SSDEEP

    98304:adLUEBzjYz067yqu/mnFQOi33nFbO4KSgPTPgS8NAvKBUuYDcvwu3707iQMMvozt:aZ220JyNtjSkQYagF

Score
9/10

Malware Config

Signatures

  • Detects executables manipulated with Fody 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Job Interview\essential.exe
    "C:\Users\Admin\AppData\Local\Temp\Job Interview\essential.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:640

Network

  • flag-us
    DNS
    interviewportal.ddns.net
    essential.exe
    Remote address:
    8.8.8.8:53
    Request
    interviewportal.ddns.net
    IN A
    Response
No results found
  • 8.8.8.8:53
    interviewportal.ddns.net
    dns
    essential.exe
    70 B
     130 B
     1
    1

    DNS Request

    interviewportal.ddns.net

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/640-0-0x0000000074A00000-0x00000000750EE000-memory.dmp

    Filesize

    6.9MB

    Download

  • memory/640-1-0x0000000000D50000-0x0000000001210000-memory.dmp

    Filesize

    4.8MB

    Download

  • memory/640-2-0x0000000004850000-0x0000000004890000-memory.dmp

    Filesize

    256KB

    Download

  • memory/640-3-0x0000000000260000-0x000000000026A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/640-4-0x0000000000260000-0x000000000026A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/640-5-0x0000000004850000-0x0000000004890000-memory.dmp

    Filesize

    256KB

    Download

  • memory/640-6-0x0000000004850000-0x0000000004890000-memory.dmp

    Filesize

    256KB

    Download

  • memory/640-7-0x0000000074A00000-0x00000000750EE000-memory.dmp

    Filesize

    6.9MB

    Download

  • memory/640-8-0x0000000004850000-0x0000000004890000-memory.dmp

    Filesize

    256KB

    Download

  • memory/640-10-0x0000000000260000-0x000000000026A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/640-9-0x0000000000260000-0x000000000026A000-memory.dmp

    Filesize

    40KB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.