Analysis

  • max time kernel
    92s
  • max time network
    124s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240426-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    02/06/2024, 07:54

General

  • Target

    2024-06-02_ec9b5c1d4eefc9012f213a0bed273a36_magniber_revil.exe

  • Size

    5.7MB

  • MD5

    ec9b5c1d4eefc9012f213a0bed273a36

  • SHA1

    82fb949ea4e9482a649b8d183c7c7113cca5dfb0

  • SHA256

    742a07d39b8ccc299292e49f776ad0d2ab6c6e475b3a9801a235ff5717413c23

  • SHA512

    4bcf19f9a1f9b515befcf21d66c84f017438fdf335dcebbe912162fea360eedbff82c317dc6aedd61d3bb66019ab3bad8a5dc65595dea6e86109e54c366e8bd8

  • SSDEEP

    98304:b/6n94bDY2EBcBuq62V///4nAWakrn7S/IhWoaVVfs/VIsMF4JD8iulhq7NmPkVL:uMD+cpvJ/4H3nmghWoa/fsysMF4JD85q

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 4 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SendNotifyMessage 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-06-02_ec9b5c1d4eefc9012f213a0bed273a36_magniber_revil.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-06-02_ec9b5c1d4eefc9012f213a0bed273a36_magniber_revil.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    PID:2340

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Local\Temp\yjs_log\log.log

    Filesize

    652B

    MD5

    e693b9fc01b4517453dd6d829df1dcbd

    SHA1

    485b551a4d264490ac383a5ae587fd4108b2b7fd

    SHA256

    2e48574fc58b39f4b1d606471cd318ef29612651b144c15ce7ee28a794014475

    SHA512

    5e627893e6419daa4e3bdc32e4a9a83f4247ee0055a8258b9f1de4f72454ace26be23e723e822201adfe687dc4c813f4c79e5b016306153624d9999588b53661

  • C:\Users\Admin\AppData\Local\Temp\yjs_log\log.log

    Filesize

    310B

    MD5

    d7936129de2213d6e53b26990fc38fe1

    SHA1

    cd20ea42bdb64b38d3791871e1c71fbb472f785a

    SHA256

    308411fabd7011a585badb413b12397e71e220cd740d605dcce831fa919a2ec6

    SHA512

    d5f418a23d86382e1aa29753e36ed8359374ada739cc9b0ea917e5cb6d7235edc87045b24c1d5add541371a3f2c7a737ee23c9a580bf9f71ee1f846f1174a7ad