Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

Cudo Miner...er.exe

windows10-2004-x64

10

Cudo Miner...er.exe

windows11-21h2-x64

1

Analysis

  • max time kernel
    207s
  • max time network
    281s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240802-en
  • resource tags

    arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    01/09/2024, 22:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Cudo Miner/Cudo Miner.exe

  • Size

    633KB

  • MD5

    12a23c5df65b5502b16769bb131aa735

  • SHA1

    a78f9833d3ae55ee5025baa81eb86c06cdd9a98a

  • SHA256

    2b2d4bcb499ea6e3a0add102b19dd08c97a4590f137b843c9b9ab849c84d92c6

  • SHA512

    b23af6f117f106937b9973b5bcbb8e54efd8e141735277023e086304d465fb46eb8f29bf2fa1bb461df345cba75813ee44ac3d14eb59c70053de6aeb85f9b588

  • SSDEEP

    6144:GvZQvBs7tHAKKgl/o/PnfZMJmUNb3sWh7BgRsO5ajgKlT2c66OZFXmt61dReZglW:w/tgKK4Jm2b7ehugFLQZglkf

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Cudo Miner\Cudo Miner.exe
    "C:\Users\Admin\AppData\Local\Temp\Cudo Miner\Cudo Miner.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:3456

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3456-0-0x00007FFF01C43000-0x00007FFF01C45000-memory.dmp

    Filesize

    8KB

    Download

  • memory/3456-1-0x0000000000A20000-0x0000000000AC2000-memory.dmp

    Filesize

    648KB

    Download

  • memory/3456-2-0x00007FFF01C40000-0x00007FFF02702000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/3456-8-0x00007FFF01C40000-0x00007FFF02702000-memory.dmp

    Filesize

    10.8MB

    Download