Analysis

  • max time kernel
    147s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    25/10/2024, 17:41 UTC

General

  • Target

    revenge.exe

  • Size

    14KB

  • MD5

    9d24aa861734960798b2296898fea625

  • SHA1

    0e4059e90e52fa97b18c2587853072b268f0be52

  • SHA256

    b5de850f4b69cf4a6fae8781d19190eddfc1ccbc9e34fc877b48f0bd898804e1

  • SHA512

    bec097d202f53ecc4ebbc37f318599a7c4939cba4d17582492dc9e077eda26e7691a11b689a0e2290cb0c544a8719789f246233a03e894999e823dc5f48d9964

  • SSDEEP

    192:o+8C+EKS0O9ejYTDG8bcp4LlzanieXubWyD9JEBkGxVX/qoNDRJw:oNVjYTDG8gpaBeXTyD3EnxsoN8

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

Processes

  • C:\Users\Admin\AppData\Local\Temp\revenge.exe
    "C:\Users\Admin\AppData\Local\Temp\revenge.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:2844

Network

  • flag-us
    DNS
    marcelotatuape.ddns.net
    revenge.exe
    Remote address:
    8.8.8.8:53
    Request
    marcelotatuape.ddns.net
    IN A
    Response
    marcelotatuape.ddns.net
    IN A
    177.52.84.20
  • flag-us
    DNS
    marcelotatuape.ddns.net
    revenge.exe
    Remote address:
    8.8.8.8:53
    Request
    marcelotatuape.ddns.net
    IN A
    Response
    marcelotatuape.ddns.net
    IN A
    177.52.84.20
  • flag-us
    DNS
    marcelotatuape.ddns.net
    revenge.exe
    Remote address:
    8.8.8.8:53
    Request
    marcelotatuape.ddns.net
    IN A
    Response
    marcelotatuape.ddns.net
    IN A
    177.52.84.20
  • 177.52.84.20:333
    marcelotatuape.ddns.net
    revenge.exe
    152 B
    3
  • 177.52.84.20:333
    marcelotatuape.ddns.net
    revenge.exe
    152 B
    3
  • 177.52.84.20:333
    marcelotatuape.ddns.net
    revenge.exe
    152 B
    3
  • 177.52.84.20:333
    marcelotatuape.ddns.net
    revenge.exe
    152 B
    3
  • 177.52.84.20:333
    marcelotatuape.ddns.net
    revenge.exe
    152 B
    3
  • 177.52.84.20:333
    marcelotatuape.ddns.net
    revenge.exe
    152 B
    3
  • 177.52.84.20:333
    marcelotatuape.ddns.net
    revenge.exe
    52 B
    1
  • 8.8.8.8:53
    marcelotatuape.ddns.net
    dns
    revenge.exe
    69 B
    85 B
    1
    1

    DNS Request

    marcelotatuape.ddns.net

    DNS Response

    177.52.84.20

  • 8.8.8.8:53
    marcelotatuape.ddns.net
    dns
    revenge.exe
    69 B
    85 B
    1
    1

    DNS Request

    marcelotatuape.ddns.net

    DNS Response

    177.52.84.20

  • 8.8.8.8:53
    marcelotatuape.ddns.net
    dns
    revenge.exe
    69 B
    85 B
    1
    1

    DNS Request

    marcelotatuape.ddns.net

    DNS Response

    177.52.84.20

MITRE ATT&CK Enterprise v15

Downloads

  • memory/2844-0-0x00000000746F1000-0x00000000746F2000-memory.dmp

    Filesize

    4KB

  • memory/2844-1-0x00000000746F0000-0x0000000074C9B000-memory.dmp

    Filesize

    5.7MB

  • memory/2844-2-0x00000000746F0000-0x0000000074C9B000-memory.dmp

    Filesize

    5.7MB

  • memory/2844-3-0x00000000746F0000-0x0000000074C9B000-memory.dmp

    Filesize

    5.7MB
