Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

2d1bad8c5f...af.exe

windows7-x64

1

2d1bad8c5f...af.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    148s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    06/04/2024, 01:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2d1bad8c5f5a3c8db35e3a7c8becd66ea3c83a39800877eac74408d747bb5caf.exe

  • Size

    32KB

  • MD5

    8463c84711f2b74290e2e2d8fe720d3d

  • SHA1

    a24e1b07f17e2d012c775ce675002a5e1e2486c0

  • SHA256

    2d1bad8c5f5a3c8db35e3a7c8becd66ea3c83a39800877eac74408d747bb5caf

  • SHA512

    59773cd41d3d8eab884a7d63944d359d385dc78e3181112a65077382da039f2a519210fdb7d653aadfa566d4b47f22dbcb54d43cb7e6b378289677ced7bf3fbb

  • SSDEEP

    384:y0bUe5XB4e0X+OlCANuiEO0YaBWTetTUFQqzF/mObby:rT9BudYguiEYSwlby

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 37 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2d1bad8c5f5a3c8db35e3a7c8becd66ea3c83a39800877eac74408d747bb5caf.exe
    "C:\Users\Admin\AppData\Local\Temp\2d1bad8c5f5a3c8db35e3a7c8becd66ea3c83a39800877eac74408d747bb5caf.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:2856

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2856-0-0x0000000074BF0000-0x000000007519B000-memory.dmp

    Filesize

    5.7MB

    Download

  • memory/2856-1-0x0000000000A40000-0x0000000000A80000-memory.dmp

    Filesize

    256KB

    Download

  • memory/2856-2-0x0000000074BF0000-0x000000007519B000-memory.dmp

    Filesize

    5.7MB

    Download

  • memory/2856-3-0x0000000074BF0000-0x000000007519B000-memory.dmp

    Filesize

    5.7MB

    Download

  • memory/2856-4-0x0000000000A40000-0x0000000000A80000-memory.dmp

    Filesize

    256KB

    Download

  • memory/2856-5-0x0000000074BF0000-0x000000007519B000-memory.dmp

    Filesize

    5.7MB

    Download