Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

DHL PACKAG...NT.exe

windows7_x64

3

DHL PACKAG...NT.exe

windows10-2004_x64

10

Analysis

  • max time kernel
    43s
  • max time network
    46s
  • platform
    windows7_x64
  • resource
    win7-20220414-en
  • submitted
    27/05/2022, 15:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    DHL PACKAGE DOCUMENT.exe

  • Size

    23KB

  • MD5

    cf65c6f1cb9b6847cf639bd57e8282d1

  • SHA1

    30e4a45690434c04643aa30456191fc78041caf4

  • SHA256

    49c7f9c1a11758309f55b563b54a44b734b39f185d1d5d63436adea38e44a03d

  • SHA512

    b554bd0f76522d5bd33d33481b8a98f37059f87be2cd651c012181c1c776e294831281c4e65b68104de62eae3feaa8f813b3ec8f2c827f5f438f7cfcec9ca7eb

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\DHL PACKAGE DOCUMENT.exe
    "C:\Users\Admin\AppData\Local\Temp\DHL PACKAGE DOCUMENT.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:1948
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 1948 -s 1124
      2⤵
      • Program crash
      PID:1368

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1948-54-0x0000000000BF0000-0x0000000000BFC000-memory.dmp

    Filesize

    48KB

    Download

  • memory/1948-55-0x0000000076721000-0x0000000076723000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1948-56-0x00000000729B0000-0x0000000073D3F000-memory.dmp

    Filesize

    19.6MB

    Download

  • memory/1948-57-0x0000000071FA0000-0x00000000729B0000-memory.dmp

    Filesize

    10.1MB

    Download

  • memory/1948-58-0x00000000717C0000-0x0000000071FA0000-memory.dmp

    Filesize

    7.9MB

    Download

  • memory/1948-59-0x00000000745E0000-0x00000000746DC000-memory.dmp

    Filesize

    1008KB

    Download

  • memory/1948-60-0x0000000071080000-0x00000000717BE000-memory.dmp

    Filesize

    7.2MB

    Download

  • memory/1948-62-0x00000000729B0000-0x0000000073D3F000-memory.dmp

    Filesize

    19.6MB

    Download

  • memory/1948-63-0x0000000071FA0000-0x00000000729B0000-memory.dmp

    Filesize

    10.1MB

    Download