Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
4s -
max time network
5s -
platform
windows10-2004_x64 -
resource
win10v2004-20240802-en -
resource tags
arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system -
submitted
03/09/2024, 22:46
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
Ninjadbg_UPX_unpacked_repacked.exe
Resource
win10v2004-20240802-en
windows10-2004-x64
2 signatures
150 seconds
General
-
Target
Ninjadbg_UPX_unpacked_repacked.exe
-
Size
19KB
-
MD5
6ddbf168478dd6056d171e9fbe989953
-
SHA1
84ed65026ff309936c2f0d2e06b0cb91d1512358
-
SHA256
0b5e21d449c92e45f7805db3f41b2f406e9a010c0317364b1c99d224c279bee2
-
SHA512
afe39ddc9afafc22ae2e8ca430211186267e20043f19ff17a201c744073c25053ffe370e224f77cd89b03124924e28521d8f41201e7e8199894dfad8f3770952
-
SSDEEP
384:VmAbtYiu1uphDvw94QW3cYcTPM4PELlc7Mg2gWvIfejWt9A2/2R:tYcm9O3cYsEKgl22B5jWt9AO2
Score
3/10
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language Ninjadbg_UPX_unpacked_repacked.exe -
Suspicious behavior: EnumeratesProcesses 64 IoCs
pid Process 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe 1408 Ninjadbg_UPX_unpacked_repacked.exe