Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

61bd8510df...32.exe

windows7-x64

6

61bd8510df...32.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    147s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25/06/2024, 22:17 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    61bd8510df07d9292b1c5dd74c0bd64d4aa1d05e0b0a2db585b776f8f8668a32.exe

  • Size

    4.8MB

  • MD5

    f3c79bce5f180f9b2bf98e30c1b868ed

  • SHA1

    638d29de708358e572dfbe4abb66a10c37aa6686

  • SHA256

    61bd8510df07d9292b1c5dd74c0bd64d4aa1d05e0b0a2db585b776f8f8668a32

  • SHA512

    859dfebdf6baae2a58cb7c8ceff5c9af05226d315cfcbcc0f0d7d7f15e4577d8e413bce3174621a5bfb5872f4e59e9a5494dc89978c4f24c907ea1b60bbb86a5

  • SSDEEP

    98304:kf4EIDDHK9nhCbJzEaokXvLZw8jzcO/7KNQS8r7NL5j5tDo3STwK7zUFBVEWWxfF:Q4HKDQBKkXy+XWt815j5tDobSUFQdxfF

Score
7/10

Malware Config

Signatures

  • Checks BIOS information in registry 2 TTPs 2 IoCs

    BIOS information is often read in order to detect sandboxing environments.

  • Enumerates connected drives 3 TTPs 23 IoCs

    Attempts to read the root path of hard drives other than the default C: drive.

  • Checks processor information in registry 2 TTPs 2 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 5 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\61bd8510df07d9292b1c5dd74c0bd64d4aa1d05e0b0a2db585b776f8f8668a32.exe
    "C:\Users\Admin\AppData\Local\Temp\61bd8510df07d9292b1c5dd74c0bd64d4aa1d05e0b0a2db585b776f8f8668a32.exe"
    1⤵
    • Checks BIOS information in registry
    • Enumerates connected drives
    • Checks processor information in registry
    • Enumerates system info in registry
    PID:2964

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2964-1-0x0000000000E20000-0x0000000000E23000-memory.dmp

    Filesize

    12KB

    Download

  • memory/2964-0-0x0000000000400000-0x0000000000CB9000-memory.dmp

    Filesize

    8.7MB

    Download

  • memory/2964-4-0x0000000000401000-0x000000000053D000-memory.dmp

    Filesize

    1.2MB

    Download

  • memory/2964-2-0x0000000000400000-0x0000000000CB9000-memory.dmp

    Filesize

    8.7MB

    Download

  • memory/2964-3-0x0000000000400000-0x0000000000CB9000-memory.dmp

    Filesize

    8.7MB

    Download

  • memory/2964-5-0x0000000000400000-0x0000000000CB9000-memory.dmp

    Filesize

    8.7MB

    Download

  • memory/2964-6-0x0000000000400000-0x0000000000CB9000-memory.dmp

    Filesize

    8.7MB

    Download

  • memory/2964-7-0x0000000000400000-0x0000000000CB9000-memory.dmp

    Filesize

    8.7MB

    Download

  • memory/2964-8-0x0000000000401000-0x000000000053D000-memory.dmp

    Filesize

    1.2MB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.