Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

f-mydoom.exe

windows7-x64

7

f-mydoom.exe

windows10-2004-x64

7

Resubmissions

14/12/2024, 11:50 UTC

241214-nzz4ws1kds 10

14/12/2024, 11:47 UTC

241214-nxz14s1jgx 10

Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    14/12/2024, 11:47 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f-mydoom.exe

  • Size

    111KB

  • MD5

    91800f7d2ca85deedba2735c8b4505ce

  • SHA1

    92fe08cb0213e0e07fdd0382da0178834ef5e401

  • SHA256

    e98dccc92e1733f8736678d82b3d1a8c6388b8cb1e42a5083d113cf75fb0577d

  • SHA512

    89359ccbe64ee1fec2ac7446b3022cd38e2316507b1a938fbf5a3171c8b43333dd6b04b1faa597dbe6e20fd243056798336805405bedfb761e9d4ee649109a40

  • SSDEEP

    3072:eL//liK0SY+3CPzEWrfxCuXhcxM7uu2hFgzp:G//liK0SY+3CP2uXKar2h2

Score
7/10
spywarestealer

Malware Config

Signatures

  • Reads user/profile data of web browsers 3 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer
  • Drops file in Windows directory 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f-mydoom.exe
    "C:\Users\Admin\AppData\Local\Temp\f-mydoom.exe"
    1⤵
    • Drops file in Windows directory
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:1828

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.