Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

636f206f9d...18.exe

windows7-x64

3

636f206f9d...18.exe

windows10-2004-x64

3

ZYing.exe

windows7-x64

1

ZYing.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    21/05/2024, 13:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ZYing.exe

  • Size

    597KB

  • MD5

    e5372cd7d4b76723754f34d6c651fd6a

  • SHA1

    0c6ea81074fd47e8c2b67263ac31a1287e0ed70c

  • SHA256

    de58f307376638a09e017cbe263db9078f642416775ff2ef853e16dcd5d7d56f

  • SHA512

    0ec0e26d0edd86ebcb64ef8f5903097e90a96f54dded2cc84607f57b130dbc08a7e427a9b0002fb8965d353bbed175fb190b3f7340352e9efb9756c9d2a4beb0

  • SSDEEP

    1536:Ugx5uQohgTJ637rONBRCV5Oa7jyqXHun1pcxiiKPQi8+xZ1idZZPz37rONBRCV5G:lb/NEOQ5VY1d9AdOQ5VY1dZ

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ZYing.exe
    "C:\Users\Admin\AppData\Local\Temp\ZYing.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:4660

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4660-0-0x00007FFE30513000-0x00007FFE30515000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4660-1-0x000001B27C850000-0x000001B27C8EC000-memory.dmp

    Filesize

    624KB

    Download

  • memory/4660-2-0x00007FFE30510000-0x00007FFE30FD1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4660-3-0x00007FFE30510000-0x00007FFE30FD1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4660-4-0x00007FFE30510000-0x00007FFE30FD1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4660-5-0x00007FFE30510000-0x00007FFE30FD1000-memory.dmp

    Filesize

    10.8MB

    Download