Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

4

NART x AYS...ep.exe

windows7-x64

1

NART x AYS...ep.exe

windows10-2004-x64

1

NART x AYS...at.exe

windows7-x64

8

NART x AYS...at.exe

windows10-2004-x64

8

NART x AYS...64.exe

windows7-x64

4

NART x AYS...64.exe

windows10-2004-x64

4

$PLUGINSDIR/INetC.dll

windows7-x64

3

$PLUGINSDIR/INetC.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

CPUEater.exe

windows7-x64

1

CPUEater.exe

windows10-2004-x64

1

Insights.exe

windows7-x64

1

Insights.exe

windows10-2004-x64

1

InstallHelper.exe

windows7-x64

1

InstallHelper.exe

windows10-2004-x64

1

LogViewer.exe

windows7-x64

1

LogViewer.exe

windows10-2004-x64

1

ProcessGovernor.exe

windows7-x64

1

ProcessGovernor.exe

windows10-2004-x64

1

ProcessLasso.exe

windows7-x64

1

ProcessLasso.exe

windows10-2004-x64

1

ProcessLas...er.exe

windows7-x64

3

ProcessLas...er.exe

windows10-2004-x64

5

QuickUpgrade.exe

windows7-x64

6

QuickUpgrade.exe

windows10-2004-x64

6

ThreadRacer.exe

windows7-x64

1

ThreadRacer.exe

windows10-2004-x64

1

TweakScheduler.exe

windows7-x64

1

TweakScheduler.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    125s
  • max time network
    145s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06/09/2024, 21:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Insights.exe

  • Size

    750KB

  • MD5

    e825bb27108035adda9c27815fb1adf5

  • SHA1

    0417a261d31f485fd510b4e737636401140bb4e8

  • SHA256

    7fed9370ce18f5ca8b3f8bbef91ac04c8d3f946836a1185b3077f396772621ab

  • SHA512

    a7572ab7395f7cfd267a61687fcd1ebdfca1e3f322550c1631d251c9eb8518f653b72aca7e70f46eacf795e066b2d66b5860424da349c0ee74b0b9b6b0bc1bde

  • SSDEEP

    12288:vsfeRpOSZXtAOvd0m3+p8Ly16/sJKGHx6:0feRpFtAOvr3+p8LyIULHA

Score
1/10

Malware Config

Signatures

  • Checks processor information in registry 2 TTPs 2 IoCs

    Processor information is often read in order to detect sandboxing environments.

Processes

  • C:\Users\Admin\AppData\Local\Temp\Insights.exe
    "C:\Users\Admin\AppData\Local\Temp\Insights.exe"
    1⤵
    • Checks processor information in registry
    PID:3192

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads