Analysis
max time kernel: 70s
max time network: 71s
platform: windows11-21h2_x64
resource: win11-20240802-en
resource tags: arch:x64, arch:x86, image:win11-20240802-en, locale:en-us, os:windows11-21h2-x64, system
submitted: 10/08/2024, 14:05
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
C4IZYZQJ.exe
Resource
win11-20240802-en
2 signatures
150 seconds
General
Target: C4IZYZQJ.exe
Size: 393KB
MD5: 4937e9bf360ca8c113e4ecd963afaec6
SHA1: aecf218e889aaac6cb4ee47e7e2f2b9487e904c8
SHA256: 66c0dccf12a0ccf9a6575b6117c635b215ac826b880391f0f338316d170791ec
SHA512: a880638052ec9be5a061ab4711ba2094a66bf439ac0c6b26867511a8f331bef548f1c9595d560275a3a58280158e7e806dd88c3b7306bfa54ef23d8aaf6c6d29
SSDEEP: 12288:q9vlZ77DyNBm79OW4Stl3QW7sEthMpe8zTtEX4:+NZ77DyNBm79OW4DWQMhMpe8Pte4
Score: 1/10
Malware Config
Signatures
Suspicious behavior: EnumeratesProcesses 64 IoCs
pid | Process
2160 | C4IZYZQJ.exe
Suspicious use of AdjustPrivilegeToken 1 IoCs
description | pid | Process
Token: SeDebugPrivilege | 2160 | C4IZYZQJ.exe