Analysis

  • max time kernel
    140s
  • max time network
    124s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240802-en
  • resource tags

    arch:x64 arch:x86 image:win11-20240802-en locale:en-us os:windows11-21h2-x64 system
  • submitted
    06/08/2024, 10:39

General

  • Target

    83f6f8c068cd5b4448b2525ee799f58aa5ad0ce40f901881eda105f6d6ed4661.exe

  • Size

    547KB

  • MD5

    8ecad7a38a26ac1fc2c7804afd0599fa

  • SHA1

    587475e77012d412fd96213f048b2fb2d5d405e9

  • SHA256

    83f6f8c068cd5b4448b2525ee799f58aa5ad0ce40f901881eda105f6d6ed4661

  • SHA512

    a5a2499fb2c5a7751f09c50032c2fcba1c2c87ad4c35910decf00d24d4d90e233fa383319d7ddd3537f3891a0db49240a9c2c81451192308280687015c8898d5

  • SSDEEP

    12288:RkTOXwOv+O+qw5ZT13sjsaz6ph0lhSMXliRm6oQL0:Rdv+qIZT4Qh0lhSMXlim630

Score
6/10

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 1 IoCs
  • Suspicious behavior: RenamesItself 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\83f6f8c068cd5b4448b2525ee799f58aa5ad0ce40f901881eda105f6d6ed4661.exe
    "C:\Users\Admin\AppData\Local\Temp\83f6f8c068cd5b4448b2525ee799f58aa5ad0ce40f901881eda105f6d6ed4661.exe"
    • Adds Run key to start application
    • Suspicious behavior: RenamesItself
    PID:3880

Network

MITRE ATT&CK Enterprise v15

Downloads

  • memory/3880-0-0x00007FF75B650000-0x00007FF75B6DE000-memory.dmp

    Filesize

    568KB