Analysis
-
max time kernel
149s
-
max time network
156s
-
platform
windows10-2004_x64
-
resource
win10v2004-20240709-en
-
resource tags
arch:x64 arch:x86 image:win10v2004-20240709-en locale:en-us os:windows10-2004-x64 system
-
submitted
29/07/2024, 05:55
Static task
static1
Behavioral task
behavioral1
Sample
bbfaa8ae6ceaf2c3b779dd8223167314c6f5e15d8ccca3638980b1e88a0edf2e.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
bbfaa8ae6ceaf2c3b779dd8223167314c6f5e15d8ccca3638980b1e88a0edf2e.exe
Resource
win10v2004-20240709-en
General
-
Target
bbfaa8ae6ceaf2c3b779dd8223167314c6f5e15d8ccca3638980b1e88a0edf2e.exe
-
Size
19KB
-
MD5
3a25bdca596295c249a61d493da1c008
-
SHA1
43f8430013f16c95e50ac98ff80edd9af413f634
-
SHA256
bbfaa8ae6ceaf2c3b779dd8223167314c6f5e15d8ccca3638980b1e88a0edf2e
-
SHA512
2ec6266eb5ef9113f01df5716728438ec7d8030909ec020f7b29bfe66e11f59ce0a343f8df76ec988b557d184c2b3630bec30c6f3004fdeb045cc3384bb446a6
-
SSDEEP
192:4V7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2qE0XinCxWF8qa1Dojjgi:qqaCF31cix+Dc4zju8innFF46gi
Malware Config
Extracted
cobaltstrike
http://43.142.3.234:445/ENuU
-
user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; MALC)
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.