Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
147s -
max time network
94s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-en -
resource tags
-
submitted
28/06/2024, 18:59
General
-
Target
16a3268f1c0348c2eca89f2415f698dce258038d595e3714cf1f1a49ba900712.exe
-
Size
932KB
-
MD5
12b455eb5ccec5126b4044d3841b8d8a
-
SHA1
c46d43d025615176c655961de2c1c1b930e9af4a
-
SHA256
16a3268f1c0348c2eca89f2415f698dce258038d595e3714cf1f1a49ba900712
-
SHA512
2be80e1db037f65de3211040fc6dd56af601e7e8abd34c5d7c0c6c641bcdf3cb62071fe404642d24173d023357352913b3172a6f86085159622180d085ad40fb
-
SSDEEP
12288:x1/aGLDCMNpNAkoSzZWD8ayX2MQCw7D0FoWxJpcEi0/3IWV//7cSdA8KUt9irOKb:x1/aGLDCM4D8ayGMZo8/s4pKB82VRt
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Adds Run key to start application 2 TTPs 1 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\16a3268f1c0348c2eca89f2415f698dce258038d595e3714cf1f1a49ba900712.exe"C:\Users\Admin\AppData\Local\Temp\16a3268f1c0348c2eca89f2415f698dce258038d595e3714cf1f1a49ba900712.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\ProgramData\pxjajw.exe"C:\ProgramData\pxjajw.exe"2⤵
- Executes dropped EXE
- Adds Run key to start application
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
932KB
MD5491487e2809937b9d2e55dd0cd0d7277
SHA1c8fc2688ca129f1c650c9c0892083a2f2d1f2088
SHA256b06644729c1f4ba171df8dba21b76344c092a3d31a3b8f0bae62544e6b47abc2
SHA5120855eb221c27312b5c9319d69cddc12a64cbf445fd1904233fa4460702e0775b1f7ef29e0259a6854f4e61a5de7c4c6485e980bd3d62a0e5a56f59c39b2afc3d
-
Filesize
477KB
MD5c928d3c9d30a4c03c53fe1245e6a641b
SHA1dcd775254e306bad9c6a78dfa6fc427b180617b2
SHA2560ce5efa62386defc5efe3a6940a31c4f29a8e09c2e7ce3455c4e6976666cdeb1
SHA5120f982b289a3ac85476bdbeda1fb8adfd6479daaed20cf2de1e7def4479d7fe255623f34ccf11a5408067c791bd64f61bcea701f31fa2c00ec064d3ef22e39e4e
-
Filesize
454KB
MD5586262825fc0a0adb21119d536507b6e
SHA18ae21e4beb6f4535ea40ce11751ab38de89c7ee8
SHA256c82e491abe52b37729e2dcdaf19fb3e5bc6423450cc783a0d50eab7fcb7ac1fb
SHA51254a95e3cda436f54b3fb93c62d39d4b053f300bed164bd793bf3c8ce9f630377813242d129618380ab5e75831868cbb68ab5d7192fda3f66ed22b525d452913c
-
Filesize
964KB
-
Filesize
288KB