Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

QUOTATION_...DF.scr

windows7-x64

1

QUOTATION_...DF.scr

windows10-2004-x64

1

Resubmissions

30/01/2025, 11:07

250130-m8faea1mgr 3

07/11/2024, 10:33

241107-mln9sszmgx 10

Analysis

  • max time kernel
    148s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20250129-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20250129-enlocale:en-usos:windows10-2004-x64system
  • submitted
    30/01/2025, 11:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    QUOTATION_NOVQTRA071244·PDF.scr

  • Size

    73KB

  • MD5

    3518e621e9ac0f5c9de6e3c3921c1365

  • SHA1

    78582a73cc154ff3415225f57d9ca615c02b80a1

  • SHA256

    7d79f16250f4c090d466be4ee8d4df679b489313ef5cb01e3528b71f64b9d3e8

  • SHA512

    e1eb1a1def9805a2eee3c1cdd20a040c351643115c0642be8ef3b767f4c0952ddac312382730841eda4e72bd4691d03d9c7567e1032d30abd7448ccfb677b7de

  • SSDEEP

    768:MhpjDqQflLNiasAnRYizE7fYd54DPzdpK5wzJUbtE9m+g4/lZX/f8a0MKG06EgRy:aNzialHII4fd7qb+g4/lZ+MKG06EYre

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\QUOTATION_NOVQTRA071244·PDF.scr
    "C:\Users\Admin\AppData\Local\Temp\QUOTATION_NOVQTRA071244·PDF.scr" /S
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:2972

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2972-0-0x00007FFA0CDD3000-0x00007FFA0CDD5000-memory.dmp

    Filesize

    8KB

    Download

  • memory/2972-1-0x00000172C94F0000-0x00000172C9506000-memory.dmp

    Filesize

    88KB

    Download

  • memory/2972-2-0x00007FFA0CDD0000-0x00007FFA0D891000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/2972-3-0x00007FFA0CDD3000-0x00007FFA0CDD5000-memory.dmp

    Filesize

    8KB

    Download

  • memory/2972-4-0x00007FFA0CDD0000-0x00007FFA0D891000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/2972-5-0x00007FFA0CDD0000-0x00007FFA0D891000-memory.dmp

    Filesize

    10.8MB

    Download