Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

5

Static

static

3

Loader.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    145s
  • max time network
    158s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    10/06/2024, 18:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Loader.exe

  • Size

    62.1MB

  • MD5

    f05cd3bfe504a8af6b4766331824adf6

  • SHA1

    3015f59e1b9562978f9db5b4d47691deb5e208c1

  • SHA256

    d4c00e7275d5a05214489d6d500d8b8c6fae28f1556d2bbccf53ffd9f0ef8a1a

  • SHA512

    c801b2dbb0b0e21407ffc65ec065a8b8a3907089851ca2e5258281269ce3c5f2003ef532a8e3719339b2011b29318ca78c603aa1e2c14d8f66a738fb2bbefc5f

  • SSDEEP

    1572864:Ee6rDD0xiH7E32Wq19FNAxtMWajS94Z23j:zaD00Q3S19Vs4Y3

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 54 IoCs
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 50 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Loader.exe
    "C:\Users\Admin\AppData\Local\Temp\Loader.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:4568

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4568-0-0x00007FFF7CBB0000-0x00007FFF7CBB2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4568-1-0x00007FFF7CBC0000-0x00007FFF7CBC2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4568-2-0x00007FFF7CBD0000-0x00007FFF7CBD2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4568-3-0x00007FFF7CBE0000-0x00007FFF7CBE2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4568-4-0x00007FFF7CBF0000-0x00007FFF7CBF2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4568-5-0x00007FFF7CC00000-0x00007FFF7CC02000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4568-6-0x00007FFF7CC10000-0x00007FFF7CC12000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4568-7-0x00007FFF7CC20000-0x00007FFF7CC22000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4568-8-0x00007FFF7CC30000-0x00007FFF7CC32000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4568-9-0x00007FFF7CC40000-0x00007FFF7CC42000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4568-10-0x00007FFF7CC50000-0x00007FFF7CC52000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4568-11-0x00007FFF7CC60000-0x00007FFF7CC62000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4568-12-0x00007FFF7CC70000-0x00007FFF7CC72000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4568-13-0x00007FFF7CC80000-0x00007FFF7CC82000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4568-14-0x00007FFF7CC90000-0x00007FFF7CC92000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4568-15-0x00007FFF7CCA0000-0x00007FFF7CCA2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4568-16-0x00007FFF7CCB0000-0x00007FFF7CCB2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4568-17-0x00007FFF7CCC0000-0x00007FFF7CCC2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4568-18-0x00007FFF7CCD0000-0x00007FFF7CCD2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4568-19-0x00007FFF7CCE0000-0x00007FFF7CCE2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4568-20-0x00007FFF7CCF0000-0x00007FFF7CCF2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4568-21-0x00000258BEC30000-0x00000258BECB1000-memory.dmp

    Filesize

    516KB

    Download

  • memory/4568-33-0x00000258BEC30000-0x00000258BECB1000-memory.dmp

    Filesize

    516KB

    Download

  • memory/4568-27-0x00000258BEC00000-0x00000258BEC1A000-memory.dmp

    Filesize

    104KB

    Download

  • memory/4568-34-0x00000258BEC00000-0x00000258BEC1A000-memory.dmp

    Filesize

    104KB

    Download

  • memory/4568-35-0x00000258C04C0000-0x00000258C2020000-memory.dmp

    Filesize

    27.4MB

    Download

  • memory/4568-44-0x00000258C04C0000-0x00000258C2020000-memory.dmp

    Filesize

    27.4MB

    Download

  • memory/4568-47-0x00007FFF7CD20000-0x00007FFF7CD22000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4568-46-0x00007FFF7CD10000-0x00007FFF7CD12000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4568-45-0x00007FFF7CD00000-0x00007FFF7CD02000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4568-48-0x00007FFF7CD30000-0x00007FFF7CD32000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4568-51-0x00007FFF7CD60000-0x00007FFF7CD62000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4568-50-0x00007FFF7CD50000-0x00007FFF7CD52000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4568-52-0x00007FFF7CD70000-0x00007FFF7CD72000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4568-49-0x00007FFF7CD40000-0x00007FFF7CD42000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4568-53-0x00007FFF7CD80000-0x00007FFF7CD82000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4568-54-0x00007FFF7CD90000-0x00007FFF7CD92000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4568-55-0x00007FFF7CDA0000-0x00007FFF7CDA2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4568-56-0x00007FFF7CDB0000-0x00007FFF7CDB2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4568-57-0x00007FFF7CDC0000-0x00007FFF7CDC2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4568-58-0x00007FFF7CDD0000-0x00007FFF7CDD2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4568-59-0x00007FFF7CDE0000-0x00007FFF7CDE2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4568-60-0x00007FFF7CDF0000-0x00007FFF7CDF2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4568-61-0x00007FFF7CE00000-0x00007FFF7CE02000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4568-62-0x00007FFF7CE10000-0x00007FFF7CE12000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4568-63-0x00007FFF7CE20000-0x00007FFF7CE22000-memory.dmp

    Filesize

    8KB

    Download