Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

2b81f7bd-c...31.zip

windows7-x64

1

2b81f7bd-c...31.zip

windows10-2004-x64

1

Analysis

  • max time kernel
    452s
  • max time network
    416s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    16/09/2022, 14:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2b81f7bd-c523-4f72-9810-e37f38273831.zip

  • Size

    5KB

  • MD5

    04c2e9d4d9a428957df9cd8e9e38484d

  • SHA1

    74f3f433302d9013e9ea343b6047fe38a3eeda5c

  • SHA256

    92ee9fd478b686427a2cfb44d0ddbb69251382bfe818b747d35b23d02d49d454

  • SHA512

    332abdc39ac41e1e1fcf42f49ae2eb397818bba868dffa570964daf92eb9a036f4639a3188a0f30980c86f9afc38ea53974e19b0ad383bf5e32c31dbbfd71bb8

  • SSDEEP

    96:Irs6Dgvl2xkt6bISnmXsZI2z+ZhS/PThFNHkX2rCNQb5HtDwFL46MpHg0kqCerDW:IfDgduE6sSnmsZknKCmr2U5HtcpGA3eO

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 4 IoCs

Processes

  • C:\Windows\Explorer.exe
    C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\2b81f7bd-c523-4f72-9810-e37f38273831.zip
    1⤵
      PID:868
    • C:\Windows\explorer.exe
      "C:\Windows\explorer.exe"
      1⤵
        PID:1900
      • C:\Windows\system32\AUDIODG.EXE
        C:\Windows\system32\AUDIODG.EXE 0x57c
        1⤵
        • Suspicious use of AdjustPrivilegeToken
        PID:2012

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/1900-54-0x000007FEFB6B1000-0x000007FEFB6B3000-memory.dmp

        Filesize

        8KB

        Download