Analysis

  • max time kernel
    125s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7v200430
  • submitted
    09/07/2020, 13:47

General

  • Target

    45749008f5cc4f66ddead58ca19180e595d8b0b787441a520dc18888eb2523ad.exe

  • Size

    413KB

  • MD5

    f6f643a773dea43b3148244121024cf5

  • SHA1

    250566cbc4b160c9b8c8a398ffbffe7665676347

  • SHA256

    45749008f5cc4f66ddead58ca19180e595d8b0b787441a520dc18888eb2523ad

  • SHA512

    2098357394dae4fe3fbb5be6a057bfd728446ab7058a13145f07fd4afb8e3ef9343d18f9f2c344ebf6894a544f9e54954449aa50d773d3a55af31c35ad39f768

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Modifies system certificate store 2 TTPs 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\45749008f5cc4f66ddead58ca19180e595d8b0b787441a520dc18888eb2523ad.exe
    "C:\Users\Admin\AppData\Local\Temp\45749008f5cc4f66ddead58ca19180e595d8b0b787441a520dc18888eb2523ad.exe"
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious behavior: GetForegroundWindowSpam
    • Modifies system certificate store
    PID:376

Network

MITRE ATT&CK Enterprise v6

Downloads