Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

WindowsDef...ce.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    24s
  • max time network
    14s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
  • submitted
    22/05/2024, 15:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    WindowsDefenderInlinedService.exe

  • Size

    2.0MB

  • MD5

    102b94ef3ad3205b95de078fa66c467e

  • SHA1

    7899c450088a097f38232411994f7bcdc6a99762

  • SHA256

    9bd16705be46ed4e8ebf962c6c35469e3b93417fd2b5042d55a0857d0756922f

  • SHA512

    a076f05212386404b6834bf16bdce77010d4c8e6fa43898f1119eea2beae56dc3a3745961c30bbd5171c8c5441879ebf2543f8df9ef9117ef1cb185af3553c0f

  • SSDEEP

    49152:HkqXfd+/9AqbXHeWSny6G2svcnHNiZtcxv2P0dCKp2aRtW+2G4RTfwUKI:HkqXf0FfbXHRD6GJD3Av2P0dCc2wW+AE

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\WindowsDefenderInlinedService.exe
    "C:\Users\Admin\AppData\Local\Temp\WindowsDefenderInlinedService.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:3576

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3576-0-0x0000020CFEFE0000-0x0000020CFF1EA000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3576-1-0x00007FFFEF2C3000-0x00007FFFEF2C5000-memory.dmp

    Filesize

    8KB

    Download

  • memory/3576-2-0x0000020C81850000-0x0000020C818A2000-memory.dmp

    Filesize

    328KB

    Download

  • memory/3576-3-0x0000020C81820000-0x0000020C8182C000-memory.dmp

    Filesize

    48KB

    Download

  • memory/3576-4-0x0000020C81830000-0x0000020C8183A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/3576-9-0x0000020C9A120000-0x0000020C9A12A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/3576-8-0x0000020C9A100000-0x0000020C9A10E000-memory.dmp

    Filesize

    56KB

    Download

  • memory/3576-7-0x0000020C9A0F0000-0x0000020C9A0FE000-memory.dmp

    Filesize

    56KB

    Download

  • memory/3576-6-0x0000020C81810000-0x0000020C8181E000-memory.dmp

    Filesize

    56KB

    Download

  • memory/3576-5-0x0000020CFF520000-0x0000020CFF528000-memory.dmp

    Filesize

    32KB

    Download

  • memory/3576-10-0x0000020C9A1A0000-0x0000020C9A2F6000-memory.dmp

    Filesize

    1.3MB

    Download

  • memory/3576-11-0x0000020C9A2F0000-0x0000020C9A2FA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/3576-12-0x00007FFFEF2C0000-0x00007FFFEFD81000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/3576-13-0x0000020CFF550000-0x0000020CFF562000-memory.dmp

    Filesize

    72KB

    Download

  • memory/3576-14-0x0000020CFF5C0000-0x0000020CFF5FC000-memory.dmp

    Filesize

    240KB

    Download

  • memory/3576-15-0x00007FFFEF2C3000-0x00007FFFEF2C5000-memory.dmp

    Filesize

    8KB

    Download

  • memory/3576-16-0x00007FFFEF2C0000-0x00007FFFEFD81000-memory.dmp

    Filesize

    10.8MB

    Download