Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

3

MMGUpdater-Old.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    148s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    08/03/2024, 21:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    MMGUpdater-Old.exe

  • Size

    392KB

  • MD5

    cede7c18763beaca5c457b02a5fbd1ba

  • SHA1

    734f0192b6acb99d44578a8b76972d8e6f390ac9

  • SHA256

    2bd5f8b6a8f0440bcdabf7726a372e16d904cda7fa0ac60ca8854787878aad79

  • SHA512

    4bcbb92ef30080ff988b43ccac1bd9df0e7c30002d31bda2b3904c5a88192de3f2623d0c57fcfeda52a7444668220fa83f6b2ed9b89e5778d5677d010b4da5f9

  • SSDEEP

    6144:IFZT8qbTR7Sv/nQwDjsUuhbq4BgGkpcqoyK4yWkWVz97GX5FbDW7F:YZwgVi/sLhbfvkpcqdDeWZ9O8

Score
6/10

Malware Config

Signatures

  • Drops desktop.ini file(s) 2 IoCs
  • Drops file in Windows directory 3 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\MMGUpdater-Old.exe
    "C:\Users\Admin\AppData\Local\Temp\MMGUpdater-Old.exe"
    1⤵
    • Drops desktop.ini file(s)
    • Drops file in Windows directory
    • Suspicious use of AdjustPrivilegeToken
    PID:2868

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2868-0-0x00007FFD19190000-0x00007FFD19B31000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/2868-1-0x000000001B380000-0x000000001B68E000-memory.dmp

    Filesize

    3.1MB

    Download

  • memory/2868-2-0x0000000000F70000-0x0000000000F80000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2868-3-0x000000001BBA0000-0x000000001BBC0000-memory.dmp

    Filesize

    128KB

    Download

  • memory/2868-4-0x00007FFD19190000-0x00007FFD19B31000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/2868-5-0x000000001BCA0000-0x000000001BD02000-memory.dmp

    Filesize

    392KB

    Download

  • memory/2868-6-0x000000001C1F0000-0x000000001C280000-memory.dmp

    Filesize

    576KB

    Download

  • memory/2868-9-0x000000001C950000-0x000000001CE1E000-memory.dmp

    Filesize

    4.8MB

    Download

  • memory/2868-10-0x000000001CEC0000-0x000000001CF5C000-memory.dmp

    Filesize

    624KB

    Download

  • memory/2868-12-0x00007FFD19190000-0x00007FFD19B31000-memory.dmp

    Filesize

    9.6MB

    Download