Analysis
-
max time kernel
149s -
max time network
156s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
arch:x64 arch:x86 image:win10v2004-20241007-en locale:en-us os:windows10-2004-x64 system -
submitted
25/10/2024, 21:17
Static task
static1
Behavioral task
behavioral1
Sample
87db4e4f87e40ebaa39eb90307a856267bcfc49c723262105c41d41f899f7c55.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
87db4e4f87e40ebaa39eb90307a856267bcfc49c723262105c41d41f899f7c55.exe
Resource
win10v2004-20241007-en
General
-
Target
87db4e4f87e40ebaa39eb90307a856267bcfc49c723262105c41d41f899f7c55.exe
-
Size
2.0MB
-
MD5
1e48e670bd6deb8710ec2983cd929ece
-
SHA1
d048b8dee8642121bc5795ff4003e65fc9056437
-
SHA256
87db4e4f87e40ebaa39eb90307a856267bcfc49c723262105c41d41f899f7c55
-
SHA512
cac02ca81acf18161b05623d0e67355c6193935cf4604fcbf2d9524f581c4d6808265ecc7265e5cb78ae869422df54134463b590440660b0ee289793006f036b
-
SSDEEP
49152:Rgi7tbYOMjUfkptVxHErvL73RLSo+2fhl:Rd7tMjUu5krvvRe12fD
Malware Config
Signatures
-
Drops file in System32 directory 1 IoCs
description: File opened for modification
ioc: C:\Windows\System32\alg.exe
Process: 87db4e4f87e40ebaa39eb90307a856267bcfc49c723262105c41d41f899f7c55.exe
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
description: Token: SeTakeOwnershipPrivilege
pid: 5064
Process: 87db4e4f87e40ebaa39eb90307a856267bcfc49c723262105c41d41f899f7c55.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
2KB
MD5
f093a173f1737ae3e91c3c4b2dac94a1
SHA1
01d9cf66e4031585e97a2ba5c9e7b0a0074e38ec
SHA256
1e283c4865a3f51d6bb4dd3a70f1e6768b9ee14fe235f653286deeae720ec29a
SHA512
19f7ec7691b9cf7f993531dfa776e905c16b22044d483b3ef3007e4100a86f86dbd9da38f7b12cc943b05a79be1db5c17c3ce68cc745149841e1a79e0193d2f8