Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

AlApp.exe

windows7-x64

1

AlApp.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    35s
  • max time network
    36s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    18/08/2024, 14:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    AlApp.exe

  • Size

    66.6MB

  • MD5

    07e86dcd811482093025aef23eb6e1e1

  • SHA1

    08e5ceda41c97fcf10e053299c835cfd9f6885d1

  • SHA256

    39b3ff4e5437dd98bc60be34aba3f6a332dd72ea44693af7c26ca4aec51ae7e2

  • SHA512

    4e93da6d458f6240727e22c3af2d2d8a1e422de2eee90264c05e7dc4c7bc5241180fca4934c8e127545efea80658956ceafa1b7b3a99a4ff8c2545f4f62aef71

  • SSDEEP

    24576:JmHtim+SMpA6PzizM/XV4+lsKFAvnMLyCkKj4JPMUTsMMhVcz+hXrgvc2coUMq:MHwvtpAnMN4GgMPkLZpTShuz+hXrwc2S

Score
1/10

Malware Config

Signatures

  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SendNotifyMessage 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\AlApp.exe
    "C:\Users\Admin\AppData\Local\Temp\AlApp.exe"
    1⤵
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    PID:4040

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4040-0-0x00007FFAA4C13000-0x00007FFAA4C15000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4040-1-0x0000000000E00000-0x0000000000F92000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/4040-2-0x000000001CFF0000-0x000000001D20E000-memory.dmp

    Filesize

    2.1MB

    Download

  • memory/4040-3-0x00007FFAA4C10000-0x00007FFAA56D1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4040-6-0x00007FFAA4C10000-0x00007FFAA56D1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4040-7-0x00000000027D0000-0x00000000027D8000-memory.dmp

    Filesize

    32KB

    Download

  • memory/4040-8-0x00007FFAA4C10000-0x00007FFAA56D1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4040-9-0x00007FFAA4C10000-0x00007FFAA56D1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4040-10-0x00007FFAA4C10000-0x00007FFAA56D1000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/4040-11-0x00007FFAA4C13000-0x00007FFAA4C15000-memory.dmp

    Filesize

    8KB

    Download

  • memory/4040-12-0x00007FFAA4C10000-0x00007FFAA56D1000-memory.dmp

    Filesize

    10.8MB

    Download