Analysis
max time kernel: 120s
max time network: 95s
platform: windows10-2004_x64
resource: win10v2004-20240508-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system
submitted: 15/05/2024, 00:45
Static task: static1
Behavioral task: behavioral1
Sample: 2024-05-15_4496264e9a644de175994725bbc36cde_krakencryptor.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-05-15_4496264e9a644de175994725bbc36cde_krakencryptor.exe
Resource: win10v2004-20240508-en
General
Target: 2024-05-15_4496264e9a644de175994725bbc36cde_krakencryptor.exe
Size: 904KB
MD5: 4496264e9a644de175994725bbc36cde
SHA1: 9386ef23194c95b6412c1749d865e0bc37ec1c8d
SHA256: 9b058c4064152681994625f21e8e9b23c25a0dc3ae46339dbf8b699f02cfbb06
SHA512: 994cad13016ff5aa351172a80dcbc4e5b49bce22a4adb46b2fcb873c3bda204e564251ca727dadf715f867e0c9ba25767ff031daaf1cd2692326b2543edb8de5
SSDEEP: 12288:r8VkOEQBzJm1MNm1Mmw3cTVm1Mxm1Mpm1MaGRc46Wa7e3BOm18tAqmvztpY:2BzkVK99Zac46N7YxRJpY
Malware Config
Signatures
Suspicious behavior: EnumeratesProcesses (3 IoCs)
pid   Process
1644  2024-05-15_4496264e9a644de175994725bbc36cde_krakencryptor.exe
1644  2024-05-15_4496264e9a644de175994725bbc36cde_krakencryptor.exe
1644  2024-05-15_4496264e9a644de175994725bbc36cde_krakencryptor.exe
Suspicious use of AdjustPrivilegeToken (1 IoCs)
description              pid   Process
Token: SeDebugPrivilege  1644  2024-05-15_4496264e9a644de175994725bbc36cde_krakencryptor.exe