Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

202407名单.exe

windows7-x64

1

202407名单.exe

windows10-1703-x64

1

202407名单.exe

windows10-2004-x64

1

GBgvQcZI.exe

windows7-x64

7

GBgvQcZI.exe

windows10-1703-x64

7

GBgvQcZI.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    293s
  • max time network
    299s
  • platform
    windows10-1703_x64
  • resource
    win10-20240404-en
  • resource tags

    arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
  • submitted
    07/08/2024, 02:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    202407名单.exe

  • Size

    11.1MB

  • MD5

    4981608f030982bea9c2c6defab80a5d

  • SHA1

    b15cf8423eb62e29812a81066adecfe31e5be743

  • SHA256

    8dc8867273f93678845ec8dfdfd84af24ab606121c3c076a0f6c5228e5cea862

  • SHA512

    fffab8d7a2cd3f3f99db5b5093ad80dbc6013aabe7a8be488c8e3bccf01562b48cb760d29066790e8b577f21cbc033a0602936b92c758d154cc5b9a11abf2d65

  • SSDEEP

    6144:uBGnXixYRgmR8Ltknr2iW18eHxaVjSB1zVJJSB:8GnXixpo8xjaVjSB1zVJJw

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 16 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\202407名单.exe
    "C:\Users\Admin\AppData\Local\Temp\202407名单.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:824

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/824-1-0x00007FFCAF1F5000-0x00007FFCAF1F6000-memory.dmp

    Filesize

    4KB

    Download

  • memory/824-0-0x00000000001D0000-0x00000000001DA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/824-2-0x00007FFCA98E0000-0x00007FFCA98F0000-memory.dmp

    Filesize

    64KB

    Download