Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

edaca78bc6...77.exe

windows7-x64

1

edaca78bc6...77.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    26/01/2025, 08:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    edaca78bc624a4098d521f4aef2b50a934c5c4e32e5e45b1bbe7058f173c8277.exe

  • Size

    1.6MB

  • MD5

    09d13ec9b8366ae5be8fb4f13992bf24

  • SHA1

    3e1b5f57410b9443f5065796f1a141200147119f

  • SHA256

    edaca78bc624a4098d521f4aef2b50a934c5c4e32e5e45b1bbe7058f173c8277

  • SHA512

    a459f321bad5152bced7a6a911c577c39c626f6e09a24be9342578cd2622b90c9cf7b9e35f33df9679d1f4c53f0e5c02df446d16163ceeb2f7821e226826803a

  • SSDEEP

    24576:r0yOdKnqj9MNrOoThmBZTsl3WaPECkDtGQjnEd7DSVXT5X1hnC:gSqj9MxOt83J/kwonPXT5X1hC

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\edaca78bc624a4098d521f4aef2b50a934c5c4e32e5e45b1bbe7058f173c8277.exe
    "C:\Users\Admin\AppData\Local\Temp\edaca78bc624a4098d521f4aef2b50a934c5c4e32e5e45b1bbe7058f173c8277.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:1116

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1116-0-0x00007FFD8F053000-0x00007FFD8F055000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1116-1-0x000001E6A8420000-0x000001E6A8454000-memory.dmp

    Filesize

    208KB

    Download

  • memory/1116-2-0x00007FFD8F050000-0x00007FFD8FB11000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1116-3-0x00007FFD8F050000-0x00007FFD8FB11000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1116-4-0x00007FFD8F050000-0x00007FFD8FB11000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1116-5-0x00007FFD8F050000-0x00007FFD8FB11000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1116-6-0x00007FFD8F050000-0x00007FFD8FB11000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1116-7-0x000001E6A8BF0000-0x000001E6A8BF8000-memory.dmp

    Filesize

    32KB

    Download

  • memory/1116-9-0x000001E6A8C10000-0x000001E6A8C1E000-memory.dmp

    Filesize

    56KB

    Download

  • memory/1116-8-0x000001E6C2B70000-0x000001E6C2BA8000-memory.dmp

    Filesize

    224KB

    Download

  • memory/1116-22-0x00007FFD8F053000-0x00007FFD8F055000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1116-23-0x00007FFD8F050000-0x00007FFD8FB11000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1116-24-0x00007FFD8F050000-0x00007FFD8FB11000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1116-25-0x00007FFD8F050000-0x00007FFD8FB11000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1116-26-0x00007FFD8F050000-0x00007FFD8FB11000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/1116-27-0x00007FFD8F050000-0x00007FFD8FB11000-memory.dmp

    Filesize

    10.8MB

    Download