Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
149s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system -
submitted
30/11/2024, 17:01
Static task
static1
Behavioral task
behavioral1
Sample
a.zip
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
a.zip
Resource
win10v2004-20241007-en
Behavioral task
behavioral3
Sample
a/3k netflix accs.txt
Resource
win7-20240903-en
Behavioral task
behavioral4
Sample
a/3k netflix accs.txt
Resource
win10v2004-20241007-en
Behavioral task
behavioral5
Sample
a/Netflix Checker v0.2.2.exe
Resource
win7-20240903-en
Behavioral task
behavioral6
Sample
a/Netflix Checker v0.2.2.exe
Resource
win10v2004-20241007-en
General
-
Target
a.zip
-
Size
214KB
-
MD5
d47f5972b60dcb6fcdcea7f2c449f1c9
-
SHA1
d64dd1c297ccce13a7128557a324c3e07225d9aa
-
SHA256
91255689302bcda6ac485811f1e989044c6c7640ea1e9b4dc98bac20b7d3c926
-
SHA512
a74b716f49528449f54456f861bf5d3b5b400eef130be4ef2c0c24fe9ca703d7f4477ece8f6fc38b236addaf9aedab208bf42f0849a3551eb6ddab3dba50799c
-
SSDEEP
6144:8Kc9Bd776ePMXJ+ocEnTXxZXZtHa8sbcPLceeLmSa:Zc9TXgXJ+oVhrtalbcDjeLmSa
Malware Config
Signatures
-
Suspicious use of AdjustPrivilegeToken 2 IoCs
description pid Process Token: SeRestorePrivilege 2884 7zFM.exe Token: 35 2884 7zFM.exe -
Suspicious use of FindShellTrayWindow 1 IoCs
pid Process 2884 7zFM.exe