Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

Effectrix.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    140s
  • max time network
    105s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240611-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01/07/2024, 14:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Effectrix.exe

  • Size

    7.9MB

  • MD5

    29f6e9605ce8ca415f172d68a9ad3c98

  • SHA1

    3f73fa5e4f9adfefc51c18e1873df492b255924b

  • SHA256

    b7ce3d98e042faa8cdf4ac8602d6558fb2022b5cb3bffbab31b4efa92ee8c747

  • SHA512

    7310ac9b34604382d0dfcbf46fc32669fd74d732c9d20738280a8b5d7b7e0becb56ef0e3ecd965e5fc4cbe4390db6cb9dfcdfc6f9e935e8968a19d5833f5402c

  • SSDEEP

    196608:iQSJekV6M8L3frnNbu8K+3/SxF7/Y3V/CfQouRxeWA2FJ:BpXj9Tzy7XfPuWm

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Effectrix.exe
    "C:\Users\Admin\AppData\Local\Temp\Effectrix.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2432
    • C:\Users\Admin\AppData\Local\Temp\is-0O1IP.tmp\Effectrix.tmp
      "C:\Users\Admin\AppData\Local\Temp\is-0O1IP.tmp\Effectrix.tmp" /SL5="$13003A,7549989,721408,C:\Users\Admin\AppData\Local\Temp\Effectrix.exe"
      2⤵
      • Executes dropped EXE
      PID:3196

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\is-0O1IP.tmp\Effectrix.tmp
    Filesize

    2.4MB

    MD5

    84db4b4205f705da71471dc6ecc061f5

    SHA1

    b90bac8c13a1553d58feef95a2c41c64118b29cf

    SHA256

    647983ebde53e0501ff1af8ef6190dfeea5ccc64caf7dce808f1e3d98fb66a3c

    SHA512

    c5803b63d33bb409433b496b83ca2a7359b4b1835815386206283b3af5c54d7d1cb9e80244a888638c7703c4bf54e1b2c11be6836f20b9fea157ab92bfbf365a

    Download Submit

  • memory/2432-0-0x0000000000400000-0x00000000004BE000-memory.dmp

    Filesize

    760KB

    Download

  • memory/2432-2-0x0000000000401000-0x00000000004A9000-memory.dmp

    Filesize

    672KB

    Download

  • memory/2432-8-0x0000000000400000-0x00000000004BE000-memory.dmp

    Filesize

    760KB

    Download

  • memory/3196-6-0x0000000000400000-0x0000000000679000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/3196-9-0x0000000000400000-0x0000000000679000-memory.dmp

    Filesize

    2.5MB

    Download