Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

5

Static

static

3

e10ff90f1e...92.exe

windows7-x64

5

e10ff90f1e...92.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    150s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    27/03/2024, 07:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    e10ff90f1e24c603c82ba51647d41392.exe

  • Size

    273KB

  • MD5

    e10ff90f1e24c603c82ba51647d41392

  • SHA1

    7d1596404b084b8859db5c222c5f55f2889498fe

  • SHA256

    0af544632e2cc3e5be94bd84af434e5d4b55d4bad3f2ceec49d35d115d52d1c4

  • SHA512

    b1abd6f5922f261ab7092012401fd4b65df8a5a3cde790da837b03ce6501539e3492349c4be1179aef994e0da21defd517f47163347996080d189b95795c0915

  • SSDEEP

    6144:WuRZhZlwVePkSosvDTEkctOLqmdBuazoLAoRHB1to:NLlCu11vDTEk+mUOockto

Score
5/10

Malware Config

Signatures

  • Suspicious use of SetThreadContext 1 IoCs
  • Suspicious use of WriteProcessMemory 10 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\e10ff90f1e24c603c82ba51647d41392.exe
    "C:\Users\Admin\AppData\Local\Temp\e10ff90f1e24c603c82ba51647d41392.exe"
    1⤵
    • Suspicious use of SetThreadContext
    • Suspicious use of WriteProcessMemory
    PID:4804
    • C:\Users\Admin\AppData\Local\Temp\e10ff90f1e24c603c82ba51647d41392.exe
      C:\Users\Admin\AppData\Local\Temp\e10ff90f1e24c603c82ba51647d41392.exe
      2⤵
        PID:228

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\l.txt
      Filesize

      46B

      MD5

      e27e795ccabc259ecf5294f7d040e56a

      SHA1

      173ca6e9bb7c42df1b0f595673d675b3f99aaa31

      SHA256

      5792fba89a733c59bb7beb1ba101b9dc3e0f229b52626746f78e71db9b3a5ef5

      SHA512

      dbbaa3104623c0bf5e4e74dc389a69ef78c1535b71da4b189a9753c41d63dee276d0d14df6e1dd8be884227781528f63830ac45e51a14bc2d7e5ebc6d447b0a9

      Download Submit

    • memory/228-0-0x0000000000400000-0x000000000044B000-memory.dmp

      Filesize

      300KB

      Download

    • memory/228-2-0x0000000000400000-0x000000000044B000-memory.dmp

      Filesize

      300KB

      Download

    • memory/228-10-0x0000000000400000-0x000000000044B000-memory.dmp

      Filesize

      300KB

      Download

    • memory/228-14-0x0000000000400000-0x000000000044B000-memory.dmp

      Filesize

      300KB

      Download