Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

IMAGE TOKE...ER.rar

windows11-21h2-x64

1

Builder.exe

windows11-21h2-x64

8

�d]T� .pyc

windows11-21h2-x64

README.txt

windows11-21h2-x64

3

Analysis

  • max time kernel
    93s
  • max time network
    95s
  • platform
    windows11-21h2_x64
  • resource
    win11-20241007-en
  • resource tags

    arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    18/01/2025, 16:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    IMAGE TOKEN GRABBER.rar

  • Size

    5.8MB

  • MD5

    0e7cd7916b3a6293ad8cac14785373d6

  • SHA1

    8a48d2b50c0eea8c1ab4f9aa2b1b084edb47ce9b

  • SHA256

    01e9c7b17de6d65c6292e8f86abc5ae3c3150b11504993c426c3b4391688676a

  • SHA512

    be2cb80b0d6dd67010f8edb3b8047ff8fd712dee3b162c5457019c89246c746cd4de0738ec8b3d6dec863b351afefbe26633dca8409396a03555421bbf2da0f4

  • SSDEEP

    98304:Nke70SmD9rst4XC2Zc/FCbPzaMLnn0psA/oe5IkLsL15y0g/3mZTOYR+rBWvVMrY:NkqOD9rstGC2ZuFWPOMjQro8IkALbfkg

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs

Processes

  • C:\Program Files\7-Zip\7zFM.exe
    "C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\IMAGE TOKEN GRABBER.rar"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    PID:3956

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads