Analysis

  • max time kernel
    134s
  • max time network
    132s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags
    arch:x64, arch:x86, image:win10v2004-20240709-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    27/07/2024, 14:09

General

  • Target

    Executor.rar

  • Size

    8.5MB

  • MD5

    b89e0e0d30b9110c054a835a0769f7ff

  • SHA1

    3a3b38bf7e2b018ac2b31001ae81b33d37acf946

  • SHA256

    0b8cf93755560b9e92be4b0c791a8fff15db9e38f9e6952ae9b58ea84ccab3dd

  • SHA512

    ac3b00bf76758f03a83cff1380d08def9638e9df3e803be48be0d78adee8909ecbbf4d02565b8aa3bab7927a3d3f04a417c38c222e77cacbd5f4f5a1356377b1

  • SSDEEP

    196608:DgD702OCl4dgTuIV+1JSWsssk4l0SK9Z/p0ZVDjJdgYscVE:UMtVI4/5YVq/qZdtd8Z

Score
3/10

Signatures

  • Enumerates physical storage devices (1 TTPs)

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class (2 IoCs)
  • Suspicious use of SetWindowsHookEx (1 IoCs)

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\Executor.rar
    • Modifies registry class
    PID:3656
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:4984
