205ae779babd66a06edef8f4549388af61dbb854e06c82a7f291317f4dbe780e

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

082abd50bc...72.exe

windows10-2004-x64

0a70b4612b...f6.exe

windows10-2004-x64

136b546d35...01.exe

windows10-2004-x64

1ec8ce9ace...96.exe

windows10-2004-x64

28e73a1086...9a.exe

windows7-x64

28e73a1086...9a.exe

windows10-2004-x64

3a5fd7dfde...92.exe

windows10-2004-x64

56dbfb10e0...5d.exe

windows10-2004-x64

5f7c9e83d8...c5.exe

windows7-x64

5f7c9e83d8...c5.exe

windows10-2004-x64

660944c2e2...12.exe

windows10-2004-x64

6b061fa476...e8.exe

windows10-2004-x64

795a49ee81...4a.exe

windows10-2004-x64

7d1f6eeb31...ef.exe

windows10-2004-x64

80f298c436...94.exe

windows10-2004-x64

85555569bb...4d.exe

windows10-2004-x64

bd2cad4003...26.exe

windows10-2004-x64

c429566ed4...39.exe

windows10-2004-x64

c47b15f967...7d.exe

windows10-2004-x64

ce9f75c073...16.exe

windows10-2004-x64

cfdc6cd562...d3.exe

windows10-2004-x64

eb81f341bc...da.exe

windows10-2004-x64

Analysis

max time kernel
149s
max time network
154s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
10/05/2024, 13:05

Sharing

Copy URL

Twitter E-mail

Static task

static1

upx

2 signatures

Behavioral task

behavioral1

Sample

082abd50bc322e65df7b85b918d5bc248c652483544b6e4c453e9531969df172.exe

Resource

win10v2004-20240508-en

amadey healer redline lande dropper evasion infostealer persistence trojan

windows10-2004-x64

15 signatures

150 seconds

Behavioral task

behavioral2

Sample

0a70b4612b5a8fdde3e7cb75dcc0caca23c46bd980d396bb52f7efc9d122c8f6.exe

Resource

win10v2004-20240426-en

amadey healer redline krast dropper evasion infostealer persistence trojan

windows10-2004-x64

15 signatures

150 seconds

Behavioral task

behavioral3

Sample

136b546d35913e21d69572f169ae203809c1521256619595aa6b15d763436c01.exe

Resource

win10v2004-20240426-en

amadey healer redline smokeloader krast backdoor dropper evasion infostealer persistence trojan

windows10-2004-x64

18 signatures

150 seconds

Behavioral task

behavioral4

Sample

1ec8ce9ace042665b07a0abc5b206634b1417b5f2a4a00b4554147d518832396.exe

Resource

win10v2004-20240508-en

healer redline lamp dropper evasion infostealer persistence trojan

windows10-2004-x64

11 signatures

150 seconds

Behavioral task

behavioral5

Sample

28e73a10869c3ce55af51de963cb8f48eac48b8f171602308b167d940e58899a.exe

Resource

win7-20240221-en

upx

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral6

Sample

28e73a10869c3ce55af51de963cb8f48eac48b8f171602308b167d940e58899a.exe

Resource

win10v2004-20240508-en

upx

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral7

Sample

3a5fd7dfdeb2d39f59735a8fd4f3621bef5a632886c19bfffeacac3350c44092.exe

Resource

win10v2004-20240426-en

healer redline masha dropper evasion infostealer persistence trojan

windows10-2004-x64

11 signatures

150 seconds

Behavioral task

behavioral8

Sample

56dbfb10e07e622006233e2ca432e9b289e276470e18ab3efe037a1c17c40d5d.exe

Resource

win10v2004-20240426-en

amadey healer redline nasa dropper evasion infostealer persistence trojan

windows10-2004-x64

15 signatures

150 seconds

Behavioral task

behavioral9

Sample

5f7c9e83d80a652c6bde9ce18eaca08f9cb8a8012568629c5813a8e40f7e7ac5.exe

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral10

Sample

5f7c9e83d80a652c6bde9ce18eaca08f9cb8a8012568629c5813a8e40f7e7ac5.exe

Resource

win10v2004-20240508-en

redline 5345987420 discovery infostealer spyware stealer

windows10-2004-x64

10 signatures

150 seconds

Behavioral task

behavioral11

Sample

660944c2e28e356790c36fcc99f1413b6daff34f154aeeda556c351fc695e812.exe

Resource

win10v2004-20240508-en

amadey healer redline lande dropper evasion infostealer persistence trojan

windows10-2004-x64

15 signatures

150 seconds

Behavioral task

behavioral12

Sample

6b061fa4768c28530459442828163e1c4cf33aa058cd0846566771b57ecf36e8.exe

Resource

win10v2004-20240508-en

healer redline kira dropper evasion infostealer persistence trojan

windows10-2004-x64

11 signatures

150 seconds

Behavioral task

behavioral13

Sample

795a49ee81e6eb25d2140b564c0aa63d165592e4d3b7bb4c29423c619b51334a.exe

Resource

win10v2004-20240508-en

amadey healer redline krast dropper evasion infostealer persistence trojan

windows10-2004-x64

15 signatures

150 seconds

Behavioral task

behavioral14

Sample

7d1f6eeb31bd2e40692c777766b604a0bf50848518f5c931a53d7c48b988e8ef.exe

Resource

win10v2004-20240426-en

healer redline nasa dropper evasion infostealer persistence trojan

windows10-2004-x64

11 signatures

150 seconds

Behavioral task

behavioral15

Sample

80f298c436aec6fc79755a500c4350e1d63215b9088f36710903936de3cedc94.exe

Resource

win10v2004-20240508-en

amadey healer redline lande dropper evasion infostealer persistence trojan

windows10-2004-x64

15 signatures

150 seconds

Behavioral task

behavioral16

Sample

85555569bb7d45d357512a0eafac484c22aee485efcb08f16f10d5cba19ad94d.exe

Resource

win10v2004-20240426-en

amadey healer redline lande dropper evasion infostealer persistence trojan

windows10-2004-x64

15 signatures

150 seconds

Behavioral task

behavioral17

Sample

bd2cad400370a1839dedfee01ba51651868baedcef41cd34976bcfc1a2ccbf26.exe

Resource

win10v2004-20240426-en

healer redline crazy muha dropper evasion infostealer persistence trojan

windows10-2004-x64

13 signatures

150 seconds

Behavioral task

behavioral18

Sample

c429566ed481fe562466b6e87d2cfe6fc492efeb3007819b63dd4cf45594d639.exe

Resource

win10v2004-20240426-en

healer redline mihan dropper evasion infostealer persistence trojan

windows10-2004-x64

11 signatures

150 seconds

Behavioral task

behavioral19

Sample

c47b15f9672b5795b62a389de76336302127184be510254d08b9b5100134dd7d.exe

Resource

win10v2004-20240426-en

healer redline mihan dropper evasion infostealer persistence trojan

windows10-2004-x64

11 signatures

150 seconds

Behavioral task

behavioral20

Sample

ce9f75c073171b1315c869b550348e6d8c48a986b262a068b33f0833b7a24716.exe

Resource

win10v2004-20240508-en

redline kira infostealer persistence

windows10-2004-x64

6 signatures

150 seconds

Behavioral task

behavioral21

Sample

cfdc6cd562d69f4233d6d8bcde44d4bd5e6825bd17383e6bb2f76b9fd006ead3.exe

Resource

win10v2004-20240508-en

amadey healer redline smokeloader nasa backdoor dropper evasion infostealer persistence trojan

windows10-2004-x64

17 signatures

150 seconds

Behavioral task

behavioral22

Sample

eb81f341bc6cd2678bd7559862571f5294b6980de5199672afa03b21de0a4dda.exe

Resource

win10v2004-20240508-en

amadey healer smokeloader backdoor dropper evasion persistence trojan

windows10-2004-x64

16 signatures

150 seconds

Report Analysis Logs

General

Target

28e73a10869c3ce55af51de963cb8f48eac48b8f171602308b167d940e58899a.exe
Size

2.5MB
MD5

29c903a2fd59a9ff991b74327763b884
SHA1

6bd0461a714710b555e47769941789f2a7b18c39
SHA256

28e73a10869c3ce55af51de963cb8f48eac48b8f171602308b167d940e58899a
SHA512

4bb94ba18754cbdcd449b6e69b3d3b326756070f0a367e6bcae214d2f245ddf92c25215a1eae901d824f4de3ef3d1e72a10ce7128cae6db723075a29c128be63
SSDEEP

49152:Jk9cDJgdz+ukkDbCyJjGTESO8AT6ZlyUR96NEJZeVJtFagAGgVBvzu:26FIz5vnjGTEN8AmZcM9vZWtFEGgVBq

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral6/memory/2180-0-0x00007FF764F20000-0x00007FF76A3AF000-memory.dmp	upx

Processes

C:\Users\Admin\AppData\Local\Temp\28e73a10869c3ce55af51de963cb8f48eac48b8f171602308b167d940e58899a.exe
"C:\Users\Admin\AppData\Local\Temp\28e73a10869c3ce55af51de963cb8f48eac48b8f171602308b167d940e58899a.exe"
1⤵
PID:2180

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2180-0-0x00007FF764F20000-0x00007FF76A3AF000-memory.dmp

Filesize
84.6MB

Download
memory/2180-1-0x00007FF764F20000-0x00007FF76A3AF000-memory.dmp

Filesize
84.6MB

Download