Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

cryptolaemus

windows10-2004-x64

8

cryptolaemus

windows11-21h2-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
  • submitted
    07/06/2024, 06:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    443d619ed6520b9e29518fc5ca93e29aec470220f1c8709c7d162a696e7fbabd.exe

  • Size

    13KB

  • MD5

    89fa717ba000fe0dedecc0d265f9ede1

  • SHA1

    25bdd4dfb195cccdce77d87c0cf4e60ddd4eabd1

  • SHA256

    443d619ed6520b9e29518fc5ca93e29aec470220f1c8709c7d162a696e7fbabd

  • SHA512

    05c1e7195170568833a8b65d9e1e54d86cc955826d21e93013ee057a930f26b23a4c273d17db9cca33ecd1df67905b064ea6a3811f2bf3cd19bbfc824c7209cf

  • SSDEEP

    192:cnsI1lYWOxxKBnhmB6g3lluZbiH4DNIDqM9RPkt2OH5UFtxK//GOyVv9zWlJdxq8:bHKjm/lBOM9uEm5svVVWlJj+It

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\443d619ed6520b9e29518fc5ca93e29aec470220f1c8709c7d162a696e7fbabd.exe
    "C:\Users\Admin\AppData\Local\Temp\443d619ed6520b9e29518fc5ca93e29aec470220f1c8709c7d162a696e7fbabd.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3352
    • C:\Windows\system32\cmd.exe
      C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\242607062812317.exe 000001
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:1828
      • C:\Users\Admin\AppData\Local\Temp\242607062812317.exe
        C:\Users\Admin\AppData\Local\Temp\242607062812317.exe 000001
        3⤵
        • Executes dropped EXE
        PID:2296

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\242607062812317.exe
    Filesize

    13KB

    MD5

    4bb3205a67d2a9a29f8df6c6beabfaa8

    SHA1

    d3263ed4699a25a06ce782716fd6867ad0943d5e

    SHA256

    228bf38b383ed60d8a93c8ddf409cd405fe9be243da1679655ab2059b32fda8a

    SHA512

    672f6eecc3fb54cf5b585835d3f99496939ac481469e0520fcebb47f2435b36f5e4d54bbe9e5e7b41d5c58b70cdc440eca1192376952d98de40d5272d1bc442e

    Download Submit