Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
130s -
max time network
136s -
platform
windows10-1703_x64 -
resource
win10-20240611-en -
resource tags
-
submitted
29/08/2024, 09:33
General
-
Target
contract Agreement.exe
-
Size
2.1MB
-
MD5
947d5d54bcb0bb3401571e68125c05d1
-
SHA1
85b930cbf4d7a86ec4887915e1bec9912039c63b
-
SHA256
374170efee6359fe5776db7b9d8cfea1cbb92478b110bd851852102130147ca3
-
SHA512
de280efa3b7f309784f6c18de9e5339e96811781d71589c2763ec687cdb8063148e36eb2af5e32899ad804869d8376f0628a00ae1cce7d566667da171ed93eea
-
SSDEEP
49152:U5Dg3sJDRZo8DYpK/2sFq6r5o9quvlCZT1PXJWpFcLB8c4j:3s46LBmj
Score
5/10
Malware Config
Signatures
-
Suspicious use of SetThreadContext 1 IoCs
-
Suspicious behavior: EnumeratesProcesses 14 IoCs
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
-
Suspicious use of WriteProcessMemory 6 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\contract Agreement.exe"C:\Users\Admin\AppData\Local\Temp\contract Agreement.exe"1⤵
- Suspicious use of SetThreadContext
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_wp.exe"C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_wp.exe"2⤵
- Suspicious behavior: EnumeratesProcesses
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
284KB
-
Filesize
284KB
-
Filesize
3.1MB
-
Filesize
284KB