Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    120s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/09/2024, 03:29

General

  • Target

    SecuriteInfo.com.Trojan-Downloader.Autoit.gen.23611.13592.exe

  • Size

    1.2MB

  • MD5

    25937aa2a51937c860b96383e85e02d1

  • SHA1

    aada5a66d3dc5dff736ef8fac8c8d94390ebb258

  • SHA256

    66f8c1cba3ad6b3362dcfc5f59861c2505b2ea55fe8d261562506889983a324d

  • SHA512

    8ddc6df0f303f1ba98763b08116e60646d757cb4f82ffe823ae459ede4867ef7b7227e37979924c1f2119c474be4d426a5726faf40b4c730e0f3fd1aeed63674

  • SSDEEP

    24576:J4lavt0LkLL9IMixoEgeaa3wZoOcT4vv3Naq9MmCS:Ykwkn9IMHeaa3POcuvUaPCS

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of the victim host in order to infer its geographical location.

  • Suspicious use of FindShellTrayWindow 2 IoCs
  • Suspicious use of SendNotifyMessage 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Trojan-Downloader.Autoit.gen.23611.13592.exe
    "C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Trojan-Downloader.Autoit.gen.23611.13592.exe"
    • System Location Discovery: System Language Discovery
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    PID:1924

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\Local\Temp\contrapose

    Filesize

    280KB

    MD5

    ec62d1c35bae3c7e5f4f1d114a1d8b85

    SHA1

    96464a4b45fd409932a9a5959ed4c1bfc9ee6f45

    SHA256

    caa46bf25278cfd5332a1de0dd6154eb4abb21cfc6c33b923fff5f2da079cd3c

    SHA512

    9fe8bee7ebb90d2796d4f50e09042db35ae9c014ff900785776062e2a09b9d0640d3d818f73ff5e324923b467f8c9296892fd7e75db41f734c826ecfbbd49157

  • memory/1924-7-0x00000000009A0000-0x0000000000DA0000-memory.dmp

    Filesize

    4.0MB
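The entries above can be sanity-checked mechanically. The following Python script is an added example and is not part of the Triage report or of Triage's own tooling: it parses the memory-dump file name into its PID, sequence number and virtual address range and confirms that the range span (0xDA0000 - 0x9A0000 = 0x400000) is the 4.0MB the report displays; checks that the sample's ssdeep block size (the leading 24576) is the one ssdeep would pick for a 1.2MB input; and compares a byte string against the listed hashes. Assumptions: Triage displays sizes in binary units rounded to one decimal, its dump names follow `memory/<pid>-<seq>-0x<base>-0x<end>-memory.dmp`, and the `CONSTRUCTED_SAMPLE` bytes are a placeholder so the hash path runs offline (they are not the analysed binary).

```python
import hashlib
import re

# Constructed from the report above: the sample's ssdeep/size and the two
# "Downloads" artifacts. Memory-dump entries carry no hashes in Triage output.
SAMPLE_SSDEEP = "24576:J4lavt0LkLL9IMixoEgeaa3wZoOcT4vv3Naq9MmCS:Ykwkn9IMHeaa3POcuvUaPCS"
SAMPLE_SIZE_TEXT = "1.2MB"
REPORT_ARTIFACTS = [
    {"name": r"C:\Users\Admin\AppData\Local\Temp\contrapose",
     "size": "280KB",
     "md5": "ec62d1c35bae3c7e5f4f1d114a1d8b85",
     "sha1": "96464a4b45fd409932a9a5959ed4c1bfc9ee6f45",
     "sha256": "caa46bf25278cfd5332a1de0dd6154eb4abb21cfc6c33b923fff5f2da079cd3c"},
    {"name": "memory/1924-7-0x00000000009A0000-0x0000000000DA0000-memory.dmp",
     "size": "4.0MB"},
]

# Assumed naming scheme for Triage memory dumps.
MEMDUMP_RE = re.compile(
    r"^memory/(?P<pid>\d+)-(?P<seq>\d+)-0x(?P<base>[0-9A-Fa-f]+)"
    r"-0x(?P<end>[0-9A-Fa-f]+)-memory\.dmp$")
# Assumption: the report shows binary units rounded to one decimal place.
UNITS = {"B": 1, "KB": 1024, "MB": 1024 ** 2, "GB": 1024 ** 3}


def parse_memdump_name(name):
    """Split a memory-dump file name into PID, sequence number and the dumped
    virtual address range. Returns None for any other artifact name."""
    m = MEMDUMP_RE.match(name)
    if m is None:
        return None
    base, end = int(m["base"], 16), int(m["end"], 16)
    return {"pid": int(m["pid"]), "seq": int(m["seq"]),
            "base": base, "end": end, "size": end - base}


def parse_size(text):
    """'4.0MB' -> (4.0, 1048576), using the unit table above."""
    m = re.fullmatch(r"\s*([\d.]+)\s*([KMG]?B)\s*", text)
    if m is None:
        raise ValueError(f"unparseable size: {text!r}")
    return float(m.group(1)), UNITS[m.group(2)]


def size_consistent(reported, actual_bytes, tolerance=0.05):
    """True if actual_bytes rounds to the displayed size within tolerance
    (one decimal is displayed, so exact equality is not expected)."""
    value, unit = parse_size(reported)
    return abs(actual_bytes / unit - value) <= tolerance


def check_memdump(artifact):
    """Cross-check a memory-dump entry: the displayed size must equal the span
    of the address range encoded in its name. None if not a memory dump."""
    region = parse_memdump_name(artifact["name"])
    if region is None:
        return None
    return size_consistent(artifact["size"], region["size"])


def hash_record(data):
    """The same hash set the report lists, computed over `data`."""
    return {alg: hashlib.new(alg, data).hexdigest()
            for alg in ("md5", "sha1", "sha256", "sha512")}


def matches_artifact(data, artifact):
    """True when every hash the report lists for this artifact matches `data`.
    Entries that list no hashes (memory dumps) never match."""
    have = hash_record(data)
    listed = [alg for alg in have if alg in artifact]
    return bool(listed) and all(have[alg] == artifact[alg].lower() for alg in listed)


def parse_ssdeep(sig):
    """'blocksize:chunk:double_chunk' -> dict of its three fields."""
    bs, chunk, double = sig.split(":", 2)
    return {"blocksize": int(bs), "chunk": chunk, "double_chunk": double}


def expected_ssdeep_blocksize(file_len):
    """Initial ssdeep block size: the smallest 3*2^n with bs*64 >= file length.
    (ssdeep may halve it afterwards if the input yields too few chunks.)"""
    bs = 3
    while bs * 64 < file_len:
        bs *= 2
    return bs


def ssdeep_consistent_with_size(sig, size_text):
    """Does the signature's block size agree with the displayed file size?"""
    value, unit = parse_size(size_text)
    return parse_ssdeep(sig)["blocksize"] == expected_ssdeep_blocksize(int(value * unit))


# Constructed placeholder bytes so the hash path runs offline; not the sample.
CONSTRUCTED_SAMPLE = b"MZ\x90\x00constructed placeholder, not the analysed binary"
CONSTRUCTED_RECORD = hash_record(CONSTRUCTED_SAMPLE)

if __name__ == "__main__":
    for art in REPORT_ARTIFACTS:
        print(art["name"], "-> memdump size consistent:", check_memdump(art))
    print("ssdeep block size consistent with 1.2MB:",
          ssdeep_consistent_with_size(SAMPLE_SSDEEP, SAMPLE_SIZE_TEXT))
    print("placeholder matches contrapose hashes:",
          matches_artifact(CONSTRUCTED_SAMPLE, REPORT_ARTIFACTS[0]))
```

The memory-dump check is the useful one when pivoting from a report to your own copy of the dump: a 4MiB region at 0x9A0000 in PID 1924 is what you should expect to find, and a mismatch between the name and the size means you are looking at a different artifact than the report describes.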