Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

6a9f3fe186...4f.exe

windows7-x64

7

6a9f3fe186...4f.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    94s
  • max time network
    148s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    10/07/2024, 23:54 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6a9f3fe1865f67efe2d3faa734ca0ed2b9d10ccfdc90c412581da817b10d624f.exe

  • Size

    144KB

  • MD5

    e67eb0184e6f91247edda132c9e37c9c

  • SHA1

    01378f8d976c06abb6a9fa134bd915e3d9d2107c

  • SHA256

    6a9f3fe1865f67efe2d3faa734ca0ed2b9d10ccfdc90c412581da817b10d624f

  • SHA512

    61d3d252938365a5e9d0aced98039f0998ee1a474008492e6adc3c579f4f40c22c1d2f3f6684caebb81cd72ce1ba3e6661641e6b3891d177acbd1fb65a98cef7

  • SSDEEP

    3072:enaym3AIuZAIuXN/ERbeoxKubAuOH1XbJVLHfTYjkNsVeuVVpgtUXLZ2tDB:wHm3AIuZAIuXN/ERbeoxKubAuOH1XbJV

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx

Processes

  • C:\Users\Admin\AppData\Local\Temp\6a9f3fe1865f67efe2d3faa734ca0ed2b9d10ccfdc90c412581da817b10d624f.exe
    "C:\Users\Admin\AppData\Local\Temp\6a9f3fe1865f67efe2d3faa734ca0ed2b9d10ccfdc90c412581da817b10d624f.exe"
    1⤵
      PID:4900

    Network

    • flag-us
      DNS
      14.160.190.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      14.160.190.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      15.164.165.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      15.164.165.52.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      183.59.114.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      183.59.114.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      30.243.111.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      30.243.111.52.in-addr.arpa
      IN PTR
      Response
    No results found
    • 8.8.8.8:53
      14.160.190.20.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      14.160.190.20.in-addr.arpa

    • 8.8.8.8:53
      15.164.165.52.in-addr.arpa
      dns
      72 B
       146 B
       1
      1

      DNS Request

      15.164.165.52.in-addr.arpa

    • 8.8.8.8:53
      183.59.114.20.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      183.59.114.20.in-addr.arpa

    • 8.8.8.8:53
      30.243.111.52.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      30.243.111.52.in-addr.arpa

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4900-0-0x0000000000400000-0x000000000040B000-memory.dmp

      Filesize

      44KB

      Download

    • memory/4900-1-0x0000000000400000-0x000000000040B000-memory.dmp

      Filesize

      44KB

      Download

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.