Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
149s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20240426-en -
resource tags
-
submitted
07/06/2024, 06:24
General
-
Target
4d9b8e0cfc7e2e5316f7aaaeada515140218cd9dce3f5c145175d272cb2d7604.exe
-
Size
12KB
-
MD5
4ffe6616cb20db9dc97c938c9b36b2a2
-
SHA1
0d6795477000f313fd3976ea35bc3c39be241740
-
SHA256
4d9b8e0cfc7e2e5316f7aaaeada515140218cd9dce3f5c145175d272cb2d7604
-
SHA512
06b05b86b60004513db1b2cab8e9615365147669e8fa5d86cf48d65b62d1027d878ed785867091ed64bda769baa5e5f9a22baafd790627dd5b0ee1c6cdede1e6
-
SSDEEP
192:VaLI16BqGITMN6BORFKvftUs8bf3/8LPjx3MB7N1GeoWlJdxqHY+1x:msGI4Xsa8Zc4eoWlJj+n
Malware Config
Signatures
-
Downloads MZ/PE file
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\4d9b8e0cfc7e2e5316f7aaaeada515140218cd9dce3f5c145175d272cb2d7604.exe"C:\Users\Admin\AppData\Local\Temp\4d9b8e0cfc7e2e5316f7aaaeada515140218cd9dce3f5c145175d272cb2d7604.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\242607062410347.exe 0000012⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\242607062410347.exeC:\Users\Admin\AppData\Local\Temp\242607062410347.exe 0000013⤵
- Executes dropped EXE
-
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
13KB
MD550b7d6ab2b4fd9c7b8a8a8bd29e5b934
SHA1709ed231da91ab5414b92c08292841f76b7d53cf
SHA256d1fb4646eab4c2809f8d43b2a3447c19977cd5edae5cbd05481053524d0d3127
SHA5124197b5dc3fca882b9a6c4553ef4b94a002fe3467e3aa81760b87d439e992a2597e4e5c90e270bb1d37a9a62971c9f18fda7f7821636bbf4de19d8a73c735bd01