Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

a730441d97...aN.exe

windows7-x64

10

a730441d97...aN.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    119s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    24/02/2025, 07:40 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a730441d97ca9024447cbce67e7abe80607ff20ae84190461d0a71769f96b31aN.exe

  • Size

    3.4MB

  • MD5

    ca65e3f45f609bce76f0e1e106730f70

  • SHA1

    e03560158c408222dd92df707f85a5857b50c003

  • SHA256

    a730441d97ca9024447cbce67e7abe80607ff20ae84190461d0a71769f96b31a

  • SHA512

    bedf2f4dd179414133c8f427eefb2334cb9362564e2936db5fcffa694dcc756e852dda421453ad2ac07e3036b221307eb47bd0e33b423107fac39f222dde4d5a

  • SSDEEP

    49152:CWTtLBcXqFpBR6SVb8kq4pgquLMMji4NYxtJpkxhGjIqTv5333Wtd6WE:rtLutqgwh4NYxtJpkxhGd333WT6WE

Score
10/10
parallaxdiscoveryrat

Malware Config

Signatures

  • Parallax family
    parallax
  • ParallaxRat

    ParallaxRat is a multipurpose RAT written in MASM.

    ratparallax
  • ParallaxRat payload 3 IoCs

    Detects payload of Parallax Rat, a small portable Rat usually digitally signed with a Sectigo certificate.

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious behavior: EnumeratesProcesses 20 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a730441d97ca9024447cbce67e7abe80607ff20ae84190461d0a71769f96b31aN.exe
    "C:\Users\Admin\AppData\Local\Temp\a730441d97ca9024447cbce67e7abe80607ff20ae84190461d0a71769f96b31aN.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: EnumeratesProcesses
    PID:2876

Network

    No results found
  • 45.88.106.148:80
    a730441d97ca9024447cbce67e7abe80607ff20ae84190461d0a71769f96b31aN.exe
    11.7kB
     9.0kB
     230
    225
No results found

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2876-0-0x0000000000770000-0x00000000007F0000-memory.dmp

    Filesize

    512KB

    Download

  • memory/2876-1-0x00000000776AF000-0x00000000776B0000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2876-2-0x0000000000810000-0x0000000000860000-memory.dmp

    Filesize

    320KB

    Download

  • memory/2876-3-0x0000000000400000-0x0000000000429000-memory.dmp

    Filesize

    164KB

    Download

  • memory/2876-4-0x0000000000770000-0x00000000007F0000-memory.dmp

    Filesize

    512KB

    Download

  • memory/2876-6-0x0000000000400000-0x0000000000429000-memory.dmp

    Filesize

    164KB

    Download

  • memory/2876-5-0x0000000000400000-0x000000000076F000-memory.dmp

    Filesize

    3.4MB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.