Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

CustomNotepad.exe

windows7-x64

1

CustomNotepad.exe

windows10-1703-x64

1

Analysis

  • max time kernel
    302s
  • max time network
    314s
  • platform
    windows10-1703_x64
  • resource
    win10-20240611-en
  • resource tags

    arch:x64arch:x86image:win10-20240611-enlocale:en-usos:windows10-1703-x64system
  • submitted
    12/09/2024, 13:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    CustomNotepad.exe

  • Size

    141.6MB

  • MD5

    fafaaf268fbb8cf5571920aa23ffa4b0

  • SHA1

    8f1a6d613bb1ffd219e5380e66c5d5349cd1cd88

  • SHA256

    308473be2e81182d3b01ac9fb9d12168b25397186ae6c325702953728e1f52ec

  • SHA512

    6c7aba16bf44f8fff2f554c181630e294c22c72e69a390f8c8a4383e6eebb0164481a63aa36123244abecffc6e8026b8cd99b7c956e9760f6c4bf1c935b553db

  • SSDEEP

    786432:NW2CUJfgreBVNrPVsWN3KPqiVZb6Sc8CjWi3HTK6aTtLwSTRpf4P1wT1wim:NR1grOVNBsTVZb6ii3H2rm

Score
1/10

Malware Config

Signatures

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\CustomNotepad.exe
    "C:\Users\Admin\AppData\Local\Temp\CustomNotepad.exe"
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:520

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/520-3-0x0000000180000000-0x0000000180A25000-memory.dmp

    Filesize

    10.1MB

    Download

  • memory/520-7-0x00007FF760EDE000-0x00007FF760EDF000-memory.dmp

    Filesize

    4KB

    Download

  • memory/520-8-0x0000015E00090000-0x0000015E000A3000-memory.dmp

    Filesize

    76KB

    Download

  • memory/520-12-0x0000015E00140000-0x0000015E00180000-memory.dmp

    Filesize

    256KB

    Download

  • memory/520-41-0x0000015E20D30000-0x0000015E20E2E000-memory.dmp

    Filesize

    1016KB

    Download

  • memory/520-48-0x0000015E00080000-0x0000015E00087000-memory.dmp

    Filesize

    28KB

    Download

  • memory/520-44-0x0000015E001A0000-0x0000015E001C1000-memory.dmp

    Filesize

    132KB

    Download

  • memory/520-52-0x0000015E000D0000-0x0000015E000DA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/520-60-0x0000015E20CC0000-0x0000015E20CEA000-memory.dmp

    Filesize

    168KB

    Download

  • memory/520-56-0x0000015E20C70000-0x0000015E20CB1000-memory.dmp

    Filesize

    260KB

    Download

  • memory/520-37-0x0000015E00180000-0x0000015E00198000-memory.dmp

    Filesize

    96KB

    Download

  • memory/520-32-0x0000015E00120000-0x0000015E00140000-memory.dmp

    Filesize

    128KB

    Download

  • memory/520-28-0x0000015E00070000-0x0000015E0007D000-memory.dmp

    Filesize

    52KB

    Download

  • memory/520-24-0x0000015E20B00000-0x0000015E20BC1000-memory.dmp

    Filesize

    772KB

    Download

  • memory/520-20-0x0000015E000B0000-0x0000015E000C2000-memory.dmp

    Filesize

    72KB

    Download

  • memory/520-16-0x0000015E218E0000-0x0000015E22591000-memory.dmp

    Filesize

    12.7MB

    Download

  • memory/520-66-0x0000015E217A0000-0x0000015E21855000-memory.dmp

    Filesize

    724KB

    Download

  • memory/520-70-0x0000015E20AF0000-0x0000015E20AF5000-memory.dmp

    Filesize

    20KB

    Download

  • memory/520-75-0x0000015E20F30000-0x0000015E20F46000-memory.dmp

    Filesize

    88KB

    Download

  • memory/520-79-0x0000015E21780000-0x0000015E2179D000-memory.dmp

    Filesize

    116KB

    Download

  • memory/520-87-0x0000015E23AE0000-0x0000015E23B62000-memory.dmp

    Filesize

    520KB

    Download

  • memory/520-83-0x0000015E23A30000-0x0000015E23A46000-memory.dmp

    Filesize

    88KB

    Download

  • memory/520-91-0x0000015E23A10000-0x0000015E23A29000-memory.dmp

    Filesize

    100KB

    Download

  • memory/520-108-0x00007FF760EDE000-0x00007FF760EDF000-memory.dmp

    Filesize

    4KB

    Download