38bc13ef112b2f17d4d1a80243fac6a521b5d58228984aae0752d79487fa3b66

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

241105-dtx...ed.zip

windows7-x64

241105-dtx...ed.zip

windows10-2004-x64

d91912b4b9...37.rar

windows7-x64

d91912b4b9...37.rar

windows10-2004-x64

08751be484...2d.dll

windows7-x64

08751be484...2d.dll

windows10-2004-x64

0a9f79abd4...51.exe

windows7-x64

0a9f79abd4...51.exe

windows10-2004-x64

0di3x.exe

windows7-x64

0di3x.exe

windows10-2004-x64

201106-9sx...ed.zip

windows7-x64

201106-9sx...ed.zip

windows10-2004-x64

2019-09-02...10.exe

windows7-x64

2019-09-02...10.exe

windows10-2004-x64

2c01b00772...eb.exe

windows7-x64

2c01b00772...eb.exe

windows10-2004-x64

31.exe

windows7-x64

31.exe

windows10-2004-x64

3DMark 11 ...on.exe

windows7-x64

3DMark 11 ...on.exe

windows10-2004-x64

42f9729255...61.exe

windows7-x64

42f9729255...61.exe

windows10-2004-x64

5da0116af4...18.exe

windows7-x64

5da0116af4...18.exe

windows10-2004-x64

6306868794.bin.zip

windows7-x64

6306868794.bin.zip

windows10-2004-x64

69c56d12ed...6b.exe

windows7-x64

69c56d12ed...6b.exe

windows10-2004-x64

905d572f23...50.exe

windows7-x64

905d572f23...50.exe

windows10-2004-x64

948340be97...54.exe

windows7-x64

948340be97...54.exe

windows10-2004-x64

Resubmissions

01/03/2025, 18:58

250301-xmhhrayp15 10

01/03/2025, 18:55

250301-xkqrcaypx7 10

Analysis

max time kernel
844s
max time network
853s
platform
windows7_x64
resource
win7-20250207-en
resource tags

arch:x64arch:x86image:win7-20250207-enlocale:en-usos:windows7-x64system
submitted
16/02/2025, 01:02

Sharing

Copy URL

Twitter E-mail

Static task

static1

15 signatures

Behavioral task

behavioral1

Sample

241105-dtxrgatbpg_pw_infected.zip

Resource

win7-20240903-en

windows7-x64

0 signatures

900 seconds

Behavioral task

behavioral2

Sample

241105-dtxrgatbpg_pw_infected.zip

Resource

win10v2004-20250211-en

discovery

windows10-2004-x64

3 signatures

900 seconds

Behavioral task

behavioral3

Sample

d91912b4b945e88e881e54573390e6723cfc41916b6546453b59e60f9beee337.rar

Resource

win7-20241023-en

windows7-x64

3 signatures

900 seconds

Behavioral task

behavioral4

Sample

d91912b4b945e88e881e54573390e6723cfc41916b6546453b59e60f9beee337.rar

Resource

win10v2004-20250211-en

adware discovery persistence privilege_escalation stealer

windows10-2004-x64

21 signatures

900 seconds

Behavioral task

behavioral5

Sample

08751be484e1572995ebb085df1c2c6372084d63a64dce7fab28130d79a6ea2d.dll

Resource

win7-20250207-en

zloader main 26.02.2020 botnet discovery persistence trojan

windows7-x64

7 signatures

900 seconds

Behavioral task

behavioral6

Sample

08751be484e1572995ebb085df1c2c6372084d63a64dce7fab28130d79a6ea2d.dll

Resource

win10v2004-20250207-en

zloader botnet discovery persistence trojan

windows10-2004-x64

9 signatures

900 seconds

Behavioral task

behavioral7

Sample

0a9f79abd48b95544d7e2b6658637d1eb23067a94e10bf06d05c9ecc73cf4b51.exe

Resource

win7-20241010-en

discovery

windows7-x64

4 signatures

900 seconds

Behavioral task

behavioral8

Sample

0a9f79abd48b95544d7e2b6658637d1eb23067a94e10bf06d05c9ecc73cf4b51.exe

Resource

win10v2004-20250211-en

adware discovery persistence privilege_escalation stealer

windows10-2004-x64

20 signatures

900 seconds

Behavioral task

behavioral9

Sample

0di3x.exe

Resource

win7-20240903-en

smokeloader backdoor trojan

windows7-x64

3 signatures

900 seconds

Behavioral task

behavioral10

Sample

0di3x.exe

Resource

win10v2004-20250211-en

smokeloader adware backdoor discovery persistence privilege_escalation stealer trojan

windows10-2004-x64

25 signatures

900 seconds

Behavioral task

behavioral11

Sample

201106-9sxjh7tvxj_pw_infected.zip

Resource

win7-20250207-en

windows7-x64

0 signatures

900 seconds

Behavioral task

behavioral12

Sample

201106-9sxjh7tvxj_pw_infected.zip

Resource

win10v2004-20250211-en

discovery

windows10-2004-x64

3 signatures

900 seconds

Behavioral task

behavioral13

Sample

2019-09-02_22-41-10.exe

Resource

win7-20240729-en

smokeloader backdoor discovery trojan

windows7-x64

6 signatures

900 seconds

Behavioral task

behavioral14

Sample

2019-09-02_22-41-10.exe

Resource

win10v2004-20250211-en

smokeloader backdoor discovery trojan

windows10-2004-x64

9 signatures

900 seconds

Behavioral task

behavioral15

Sample

2c01b007729230c415420ad641ad92eb.exe

Resource

win7-20240903-en

hawkeye collection discovery keylogger persistence spyware stealer trojan

windows7-x64

18 signatures

900 seconds

Behavioral task

behavioral16

Sample

2c01b007729230c415420ad641ad92eb.exe

Resource

win10v2004-20250207-en

hawkeye collection discovery keylogger persistence spyware stealer trojan

windows10-2004-x64

19 signatures

900 seconds

Behavioral task

behavioral17

Sample

31.exe

Resource

win7-20241010-en

agenttesla danabot dharma formbook gozi qakbot raccoon 86920224 spx129 1590734339 i0qi w9z agilenet banker cryptone defense_evasion discovery execution impact keylogger packer persistence ransomware rat rezer0 rm3 spyware stealer trojan

windows7-x64

53 signatures

900 seconds

Behavioral task

behavioral18

Sample

31.exe

Resource

win10v2004-20250207-en

agenttesla danabot dharma formbook gozi raccoon 86920224 app i0qi w9z agilenet banker botnet cryptone defense_evasion discovery execution impact keylogger packer persistence ransomware rat rezer0 rm3 spyware stealer trojan

windows10-2004-x64

53 signatures

900 seconds

Behavioral task

behavioral19

Sample

3DMark 11 Advanced Edition.exe

Resource

win7-20240729-en

discovery

windows7-x64

1 signatures

900 seconds

Behavioral task

behavioral20

Sample

3DMark 11 Advanced Edition.exe

Resource

win10v2004-20250211-en

discovery

windows10-2004-x64

3 signatures

900 seconds

Behavioral task

behavioral21

Sample

42f972925508a82236e8533567487761.exe

Resource

win7-20240903-en

asyncrat babylonrat darkcomet njrat warzonerat null defense_evasion discovery infostealer persistence privilege_escalation rat trojan

windows7-x64

33 signatures

900 seconds

Behavioral task

behavioral22

Sample

42f972925508a82236e8533567487761.exe

Resource

win10v2004-20250211-en

asyncrat babylonrat darkcomet njrat warzonerat 2020nov1 null adware defense_evasion discovery infostealer persistence privilege_escalation rat stealer trojan

windows10-2004-x64

47 signatures

900 seconds

Behavioral task

behavioral23

Sample

5da0116af495e6d8af7241da9b8281d918b9ff9a98a3deab4cca1aec1e456c18.exe

Resource

win7-20240903-en

discovery persistence ransomware upx

windows7-x64

9 signatures

900 seconds

Behavioral task

behavioral24

Sample

5da0116af495e6d8af7241da9b8281d918b9ff9a98a3deab4cca1aec1e456c18.exe

Resource

win10v2004-20250207-en

discovery persistence ransomware upx

windows10-2004-x64

20 signatures

900 seconds

Behavioral task

behavioral25

Sample

6306868794.bin.zip

Resource

win7-20250207-en

windows7-x64

0 signatures

900 seconds

Behavioral task

behavioral26

Sample

6306868794.bin.zip

Resource

win10v2004-20250207-en

adware discovery persistence privilege_escalation stealer

windows10-2004-x64

20 signatures

900 seconds

Behavioral task

behavioral27

Sample

69c56d12ed7024696936fb69b4c6bee58174a275cb53fa966646a0b092d9626b.exe

Resource

win7-20240729-en

hakbit credential_access defense_evasion discovery execution ransomware spyware stealer

windows7-x64

20 signatures

900 seconds

Behavioral task

behavioral28

Sample

69c56d12ed7024696936fb69b4c6bee58174a275cb53fa966646a0b092d9626b.exe

Resource

win10v2004-20250211-en

hakbit credential_access defense_evasion discovery execution ransomware spyware stealer

windows10-2004-x64

21 signatures

900 seconds

Behavioral task

behavioral29

Sample

905d572f23883f5f161f920e53473989cf7dffc16643aa759f77842e54add550.exe

Resource

win7-20240903-en

revengerat execution stealer trojan

windows7-x64

12 signatures

900 seconds

Behavioral task

behavioral30

Sample

905d572f23883f5f161f920e53473989cf7dffc16643aa759f77842e54add550.exe

Resource

win10v2004-20250207-en

revengerat adware discovery execution persistence privilege_escalation stealer trojan

windows10-2004-x64

27 signatures

900 seconds

Behavioral task

behavioral31

Sample

948340be97cc69c2cf8e5c8327ee52a89eeb50095f978696c710ad773a46b654.exe

Resource

win7-20240903-en

revengerat victime persistence stealer trojan

windows7-x64

8 signatures

900 seconds

Behavioral task

behavioral32

Sample

948340be97cc69c2cf8e5c8327ee52a89eeb50095f978696c710ad773a46b654.exe

Resource

win10v2004-20250211-en

revengerat adware discovery persistence privilege_escalation stealer trojan

windows10-2004-x64

25 signatures

900 seconds

Report Analysis Logs

General

Target

201106-9sxjh7tvxj_pw_infected.zip
Size

162KB
MD5

be3fb61218c3f159acc5d2715662eef7
SHA1

c34ed3d26f606e0b59c5c6712a17638185f7db07
SHA256

b99f3781093d168fe884a5e9578589628d9df871f08aedc6cacddfb223339cb2
SHA512

94198ae99c40d9272ef30865f58fff78c919fd593625666c1c118e38cea73e91777148ea3167761565f9ab31693e3dc87893b5616ac39e7a84b38e616bee22a4
SSDEEP

3072:5gOrQAaFT9LjOAfocXVEvn7EAS2jePWkwlfBGk9JTwcJIVPlPGSdKNtZcRPAkSxo:RQ5FVOncF2SDPWkwfGk9JTwc2VRGkmtm

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\Explorer.exe
C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\201106-9sxjh7tvxj_pw_infected.zip
1⤵
PID:764

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads