Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
92s -
max time network
93s -
platform
windows10-2004_x64 -
resource
win10v2004-20240802-en -
resource tags
arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system -
submitted
01/10/2024, 05:28
Behavioral task
behavioral1
Sample
cc443b97230266d18231c4144cc418b041d17ff57c74e855ddb13d4c4a1ddd25N.exe
Resource
win7-20240903-en
General
-
Target
cc443b97230266d18231c4144cc418b041d17ff57c74e855ddb13d4c4a1ddd25N.exe
-
Size
236KB
-
MD5
89cd8a0f54d31a51602d8622ba97b690
-
SHA1
d313b0d6c90d594c27d64021738f582e2967c3ca
-
SHA256
cc443b97230266d18231c4144cc418b041d17ff57c74e855ddb13d4c4a1ddd25
-
SHA512
13b181058a85a16133fbd8d5b60ab6371f5de6ef95f52b84504acae349f7fe3fe9095ff4a3268395cf14b2662db8eb843296141406c56a5f25de245bab267361
-
SSDEEP
3072:jJ0Bs3o8A4M3riN6MhGkgS3PL6pb9t16n5OkhBOPC/6/FnncroP9:lwDeM7iNEkgiOb31k1ECcJ/F
Malware Config
Signatures
-
resource yara_rule behavioral2/memory/3044-0-0x0000000000400000-0x000000000043B000-memory.dmp upx behavioral2/memory/3044-1-0x0000000000400000-0x000000000043B000-memory.dmp upx behavioral2/files/0x000800000002349d-7.dat upx -
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language cc443b97230266d18231c4144cc418b041d17ff57c74e855ddb13d4c4a1ddd25N.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
236KB
MD596c7bd1f56b6df10ef1be9b448b4a00f
SHA174d1ced93f3720bfc44293c668fdf6ee456847bc
SHA256d351f3b4c77eba3cd0bbce72b1eb7ff488fc28f00304589845f187e36f78bbb7
SHA512623afd6b521c199e8f3812e3b7f50f2b85bb57dd9f15a574963043104e1c1cbd80e18ea83c72880c10a90aaeed78f556d5b853cf7fc0e120284fde6d6560bf9e