Analysis
max time kernel: 1792s
max time network: 1602s
platform: windows10-1703_x64
resource: win10-20240404-en
resource tags: arch:x64, arch:x86, image:win10-20240404-en, locale:en-us, os:windows10-1703-x64, system
submitted: 27/05/2024, 05:41
Static task: static1
Behavioral task: behavioral1, Sample: KEYGEN-FFF.zip, Resource: win7-20240221-en
Behavioral task: behavioral2, Sample: KEYGEN-FFF.zip, Resource: win10-20240404-en
Behavioral task: behavioral3, Sample: FFF.nfo, Resource: win7-20240508-en
Behavioral task: behavioral4, Sample: FFF.nfo, Resource: win10-20240404-en
Behavioral task: behavioral5, Sample: FILE_ID.diz, Resource: win7-20240508-en
Behavioral task: behavioral6, Sample: FILE_ID.diz, Resource: win10-20240404-en
Behavioral task: behavioral7, Sample: WinRAR.v5.01_KEYGEN-FFF.exe, Resource: win7-20231129-en
Behavioral task: behavioral8, Sample: WinRAR.v5.01_KEYGEN-FFF.exe, Resource: win10-20240404-en
General
Target: WinRAR.v5.01_KEYGEN-FFF.exe
Size: 215KB
MD5: 2257d9b1d98795c90aeea996d98a8d9c
SHA1: f2f388ab6b485b43bbbb5954f54f6b1585ca4ee8
SHA256: 144bd20a74a86304809b57a1e28595e0e172308a3d620874cac5e160e7a7b488
SHA512: 6a9083148fdc0d446f4aef6af3cb69cff7f2d9f198164e8fdb2c210c76f44673cf4eff01b4c10f997d3f03787493738e28231e5171717a56dcc3a4b10ccba1b4
SSDEEP: 6144:QNcD+22e7tJudIPFsb5zR0130g6hljhjrObGu:CcDL2e79PFY5101MtjqbG
Malware Config
Signatures
Suspicious use of AdjustPrivilegeToken (2 IoCs)
description                          pid   process
Token: 33                            1212  AUDIODG.EXE
Token: SeIncBasePriorityPrivilege    1212  AUDIODG.EXE