Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

3

2024-04-05...il.exe

windows7-x64

9

2024-04-05...il.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    149s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05/04/2024, 11:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-04-05_1f23f1ef5f4b21ee6b09226d4f790c0b_magniber_revil.exe

  • Size

    5.7MB

  • MD5

    1f23f1ef5f4b21ee6b09226d4f790c0b

  • SHA1

    ec85e4c55c0681e33517b202473aec2b0ee6f8f0

  • SHA256

    440edec370c7af618f15bcf3f0993e5578e13f351968a718589b63fb92270d16

  • SHA512

    dc9c5b97755d124595a2d01204dc5189382c8f06a085c119c3de8ca61b5ffba2d9782d40afa720ffae14c91c3170f5691fbff619eb04329d936dec8d9b965a80

  • SSDEEP

    98304:+dHMC+By0AOzWeGlPCk2IabgwxXQ6lXtGscl5M1QN7pA2q7NOLFkV5idpw:+/SACkCkyhXQ6ldGsTQN7pDhkjirw

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SendNotifyMessage 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-04-05_1f23f1ef5f4b21ee6b09226d4f790c0b_magniber_revil.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-04-05_1f23f1ef5f4b21ee6b09226d4f790c0b_magniber_revil.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    PID:3476

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\yjs_log\log.log
    Filesize

    652B

    MD5

    b4eea7300b040adde9b0304296194e14

    SHA1

    c0708fa7a9db684d1ae93f05c20b17bc55cef206

    SHA256

    5013c5d2e6e75840659968d6e28ec64ced6379809c8b04ae1a1f64ef4505fdc6

    SHA512

    017f189477f0146e6c03daf7011d6d4aeb8124bda4f4a475afdf370b84e2a5ec63cf0de35c61646b890c53d1ba3d862840217eb7e4b40d92a0453752d496e735

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\yjs_log\log.log
    Filesize

    21KB

    MD5

    cd887391f53ce2064b03837a5fb6b586

    SHA1

    d37fa4ef9be29d8a5657fe9e7abfce07a6d498dc

    SHA256

    8caa37162274ac5e20c30823f1aedc6546796e614493129e3c57d2e6691a45dc

    SHA512

    b344a070b3db33cdc760da5f5b289bcd20443ab1330e52cf31f7f09879e295655c6d5a70d216245fa9b8c51cc75c74cf3169f43b0eafc44ec091661f6aafb36d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\yjs_log\log.log
    Filesize

    310B

    MD5

    b467820d3bdee5fc7f76bc4043bf1cd5

    SHA1

    abe20f18e0640b41d9efb3e8eb235e59a66d91db

    SHA256

    ac77ce1aea16c50d99f8c129589e0b698b546fcbe006eb563a1cd8d83b340e9b

    SHA512

    075a6fe00b5109486ad9998e3d258be9f20a3b50a539a749f0285a62bb4a78d5da7e8de15c7dab80264e92ddce2f1cc1522a5cf184198d9bb7d95b95a952cb8a

    Download Submit