Analysis
max time kernel: 92s
max time network: 96s
platform: windows10-2004_x64
resource: win10v2004-20240802-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240802-en, locale:en-us, os:windows10-2004-x64, system
submitted: 01/09/2024, 14:36
Behavioral task: behavioral1
Sample: fdf9d195fbd7fa1170e225a8ae3aec10N.exe
Resource: win7-20240705-en
General
Target: fdf9d195fbd7fa1170e225a8ae3aec10N.exe
Size: 236KB
MD5: fdf9d195fbd7fa1170e225a8ae3aec10
SHA1: a4b8e70a756b0de6eb7ad705b3271f435787417c
SHA256: dba56b8ed3eea0ea6f5f843e0d979ab24aa014fa248e9221c0abd6a7892865f2
SHA512: 2360dc109a84b9f844a46678593c308cf1b73e9d19e4fd00e07e09e4ff2f540473123240467856a9a89eade1c31ee751be27c6516b138b14ad76542fb1f55d01
SSDEEP: 3072:/J0Bs3o8A4M3riN6MhGkgS3PL6pb9t16n5OkhBOPC/z/FnncroP9:hwDeM7iNEkgiOb31k1ECjJ/F
Malware Config
Signatures
resource | yara_rule
behavioral2/memory/1828-0-0x0000000000400000-0x000000000043B000-memory.dmp | upx
behavioral2/memory/1828-1-0x0000000000400000-0x000000000043B000-memory.dmp | upx
behavioral2/files/0x00080000000234fa-7.dat | upx
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description | ioc | Process
Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | fdf9d195fbd7fa1170e225a8ae3aec10N.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 236KB
MD5: f6344e28514a9b74177de6acc94981c8
SHA1: 6c11d01477fe1711a769bdcde2973d023f8ed49d
SHA256: 4b1a0aec309a1d5a06594cfb4fc6b38fc62d9b0c1d6aba2f7576f6d6765d7d91
SHA512: a90ea3b3d8e3833a8a2547c55c666e1aa857c0420fabda88873a74f5e8cbb75168101ec6f88f9f89f6c91d8c11796ae54fae03fdba418b29150600e454bf2cf1