Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

c93c1de83b...e5.exe

windows7-x64

1

c93c1de83b...e5.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    150s
  • max time network
    158s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    14/03/2024, 17:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c93c1de83b8b943ee6a26713d8b689e5.exe

  • Size

    23KB

  • MD5

    c93c1de83b8b943ee6a26713d8b689e5

  • SHA1

    c6a9fd7c5a2926d9d3d127fa4af1d28df3154f51

  • SHA256

    78c05f6ef92fc7364ca05be348c752e8eb94c478c5f39dbe046e7e41cdfc9ec1

  • SHA512

    355ce868fe04b0289e908161c63f8d85f797ba6e91e434bacc021293c9acdacdbd44cb07cb19faaa47e088a59e4e84967db1ebbe317e3f4133e5fec0a8171d78

  • SSDEEP

    384:nDZEcDXBS4RupdKyqYDsDUXr1lIywySi3cRVT8jcwGr:DZDRStpnTsQzcv8jPO

Score
3/10

Malware Config

Signatures

  • Program crash 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c93c1de83b8b943ee6a26713d8b689e5.exe
    "C:\Users\Admin\AppData\Local\Temp\c93c1de83b8b943ee6a26713d8b689e5.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:1052
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 1052 -s 59016
      2⤵
      • Program crash
      PID:3064
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 1052 -s 58828
      2⤵
      • Program crash
      PID:3052
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3776 --field-trial-handle=2496,i,15897292497548307209,13920214570023230813,262144 --variations-seed-version /prefetch:8
    1⤵
      PID:4672
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 1052 -ip 1052
      1⤵
        PID:2976
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -pss -s 512 -p 1052 -ip 1052
        1⤵
          PID:4024

        Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\~!#156.tmp
          Filesize

          12KB

          MD5

          b30737fcfdfdde8fcdf0396d9859f80f

          SHA1

          f5a08d016fc88d1d85a0fddfcd7d2e4b2525e968

          SHA256

          bcd8bab8d1aea25a5211e9f25bcd3181d1594ae36351f75cc4db85f3569aff4c

          SHA512

          97f38c05c5a1d49772ff9cb914f76a993f7802c0fb947de57cc006b8ea6333374725b0c34e014838014070ed49a270ec2d55878f68f4f172edc92c53c6454e20

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\~!#1C96.tmp
          Filesize

          7KB

          MD5

          265320c617281418ee5a0eeb0eedf9ad

          SHA1

          ec2722221f513f22a7e54269a671b2c091ea2212

          SHA256

          fd28fec5bdf88064569fb7173b924b35ed5741b7df4b203b4bef0ba4abade769

          SHA512

          c565e39d936cef6a5d49844d06792bbd68f3008d691684372df1c33d98e96146042dc77083ed227e33c5b6c435d26dab27a86807fde7b59cc0dd41513fdd55a2

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\~!#2008.tmp
          Filesize

          29KB

          MD5

          d36f45bff05a44213e18434580ca01cb

          SHA1

          a0bc828cd1f4006f320e13b09a1fdd7892ad671e

          SHA256

          9c0ac03723686c4ca9b5a26fcc26419d5cd6bc2507fdedee26fb54f47650c6bc

          SHA512

          ea46dd4a8c68066a2d2dffcc6c0ca2efe96e6cb3adf434f14d835bf1f0b7ec893b92b568c0689ad2a2b20c2f3de69dbe3d79e150b28fa8c4570df9f835b04098

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\~!#22EB.tmp
          Filesize

          10KB

          MD5

          341764a7e6886338abcb0a20c8c9f6d0

          SHA1

          c57f672d5b318f22f8495eb48730583e3a835e0b

          SHA256

          ee7514b4fce89134097969d4240b0b6c94c04d8a9e9a0bd238154320ce3990bb

          SHA512

          3cd317aedc91ccea2e88374d30c7fcc9c85cc506d2e1c7e0ce7df90c6e24f4dd26142a4de0b4b01aa633cc10dbd9e5b5fbac76eaf9bfc8ae1566287f7de4e3f3

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\~!#2389.tmp
          Filesize

          5KB

          MD5

          caccb93e1f6b50ef7af3a527c7c50b63

          SHA1

          808f17a85fc70adb4de6c5637d728aa13cd22f66

          SHA256

          62fceda0cff222f7197ba852bd919fdab749f456c633c4ba0b52431b791d5f3d

          SHA512

          cf4d04f0f6846c08b1ad78ccbebb6a8533dfc42b71ebb2fc4bac80d892c612dd1768fda6c908414600b20f35f5feb9dd67a68f5774d738bc41b2efa690305448

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\~!#3FC2.tmp
          Filesize

          12KB

          MD5

          3a953fc576a9c9ef7a891d31a5e7452a

          SHA1

          6ae2ab43b28612c2712be7a4ba50074efd358c60

          SHA256

          489be193ffc84903d3727e964d88aaf07af6b1255920bcb829f09fec62a1403b

          SHA512

          2dcaec93f1a9a49b60047c36595e69d4346955ef1e79d74806fa0bcc36cf975f823c9371f7aa6691091d52c47f92726af3f6f0bf9be041a76c5f023e1c7fb307

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\~!#7519.tmp
          Filesize

          4KB

          MD5

          39d0ca61e862106ce2594a93cd1099af

          SHA1

          e64cbd396bf0aa403e618e390ba52c756d0c41ae

          SHA256

          450d33bfb4c9d9ce397733aa921e056ea0a170530b129b271bbf74a168e0950b

          SHA512

          ede89ffda681c0f35ee06be235dd79cb8a0c0392ecc227dcd2c73b1fce2f5af4ad498fa871cc17e72b572f27ff7b6b855add79462812fa295d57955d2172a71f

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\~!#7C5E.tmp
          Filesize

          9KB

          MD5

          2996aac3e0bce3d6667335edbeb2dae4

          SHA1

          04a996844f99eb568450c36c819696e5e505d0ec

          SHA256

          164a0c7b19d7e275fa3a1e092a697ed4643f099bba85f37f9efc28fbfb557b7a

          SHA512

          b8dfea72836d3ea1e2b65d780ad780e944e29835a0dce4ad299091d2132565e938b4003e4f0ce7bda29c6a44fa0ddee97ada8cbcfa6b72e46fddbddb2af6d6a3

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\~!#8AFE.tmp
          Filesize

          5KB

          MD5

          245783f7f49a1cbf6717e22dcab34fd2

          SHA1

          930f5e31764932b20cf8d6296c50bccda6d2339e

          SHA256

          c362e08a3ac43a6015f074d51101bf8a9b70f298c51cd10dfca4d5c243ce9d50

          SHA512

          e74d6a3cc4bcb7ddb6cc722997f34075bd9e885329ddf2f6795334fd3edfd8e5b09aeb7e75e84a74e1c17005148bea12dbcf2ea5b01bb53ee58ab83d0bea67cb

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\~!#9C1A.tmp
          Filesize

          9KB

          MD5

          6a5dcb125e0e899dce8655ac7da84c8d

          SHA1

          ad2146b64ebdb4e081ccead4efb9801a2a745c05

          SHA256

          a05c9798064d96af0e2b025bdf761b6e6ca8bb9f924367058389b7d076b52347

          SHA512

          48e70e0f39fc9a10bf1299efcea8665ab7525d55c8294f542dd35d8f3d9a6f4785efe12dacf717599a43ba4e9128a567a876d7a6f5d364828a43c2d4477efccc

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\~!#9E91.tmp
          Filesize

          5KB

          MD5

          e78129559825e39740124e8b965d51e1

          SHA1

          1f569ae6e74f93f8cadc0c6c32b7d83d5f347842

          SHA256

          7bfcb2a51a4f8406624592ae6ceee249a89a4ff04b39c2c97536ffd5320583dc

          SHA512

          955cd9442315b07120e7e7d60b36a585ecfeb2be5c8f7f5625fd46a8067b75086c8ca2be56cddde01584e4a659e752e08978d1a8962c2694f3192ed621c1094c

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\~!#A0F6.tmp
          Filesize

          15KB

          MD5

          1570bda6c71d2b6ef8b07d8a11d75a4d

          SHA1

          d1add15b915d3cfbc9ce00b9ee8098da4b3a70cf

          SHA256

          96afd515369d9fa0cab59c73d0b33d07aefbfa6bd8003532e8f1d2900d65cc8c

          SHA512

          38b8257c2f7a92c9e93eec38a2d13587f17646b15d74d4d58eef8ceed27d3b4fa340127cd58010af4f3c4d25e7a6648a207f552c48e15665e633117e191a35c7

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\~!#A9C1.tmp
          Filesize

          4KB

          MD5

          0a2cf2c64087e27cd75e94ee101f33c7

          SHA1

          88a1a7f468d7cbd6343eb919269f2cab5563a8df

          SHA256

          425cffc0d71dd3d7ac1c1936aa25dfa0b4357612aa148ee3df5a239986f25e8e

          SHA512

          77b46cfe68fe0fa3b39022a4c5df83c0239f9328ac467fe3ae42379d8ce4566e11710556472e5f85531a5bacff4bec383b9eac5dddc53de5c5f2a71b6ac22431

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\~!#B7F4.tmp
          Filesize

          12KB

          MD5

          ab55b2a56eb3af590a76d0e6cda6fe58

          SHA1

          e03d2da2be191072611842af4f404f443ef2ff88

          SHA256

          14542dd2cb8bbc8d7289f66c83d7fa80b35828e11079b5504b4fd3b4b6ccb481

          SHA512

          071bf1dc7ff223ca0a01704cb311f4baa505ac98e484135adef2c4c5028aefa11520b51940a8d0b073e36a59bed5eb8f6c5f26eec2981245234514f5afed7cad

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\~!#C0E5.tmp
          Filesize

          9KB

          MD5

          dd7a1bdcaa9bba06403ad59abba021eb

          SHA1

          46f1268dad0f9d24abd185ce363bdea5a75e10fe

          SHA256

          f010b0fd16690eac5e094be0c61b074fd322940947ac1c73401dc5753ed46bb0

          SHA512

          1d5122a1fc8672d62d36cae4014bad7575fb3e044077e9bd653895fe81c72a711fcaee0902758f3463e1f49a7ba27159dc1e7241460227be387c45bd2516857a

          Download Submit

        • memory/1052-110-0x00000000009C0000-0x00000000009C2000-memory.dmp

          Filesize

          8KB

          Download

        • memory/1052-0-0x00000000009C0000-0x00000000009C2000-memory.dmp

          Filesize

          8KB

          Download