Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

qwEP718oyT...oUy.js

windows7-x64

1

qwEP718oyT...oUy.js

windows10-2004-x64

10

Analysis

  • max time kernel
    1619s
  • max time network
    1622s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    17/09/2022, 21:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    qwEP718oyT2qxRdKZoUy.js

  • Size

    9.2MB

  • MD5

    63ad6f493f5c59783bc47316ef3b92af

  • SHA1

    c305e179439a10794fdf2f268fe1e3ab645d5983

  • SHA256

    67cbe3781f6f76624b4aa0190e5291be65126c254879bc301727d4407326a32a

  • SHA512

    bde7492e1a50f685158545557e978691055c83152fd6b72f32ac0bf393c727ceba24f6fe705fff632524ef9cd24a7e0f32e9f307387b43d214047b7e0a04f993

  • SSDEEP

    24576:/fG3epi7v1ed2ffe8vB3FG8S0Su9G3LK0UxRxJxzMvPOFzZHpARL37wtb9etQQOP:xfocZQ+ze+iq7lhrr4Rpf

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Windows\system32\wscript.exe
    wscript.exe C:\Users\Admin\AppData\Local\Temp\qwEP718oyT2qxRdKZoUy.js
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:1924

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1924-54-0x0000000011D00000-0x0000000011DF6000-memory.dmp

    Filesize

    984KB

    Download

  • memory/1924-55-0x0000000023370000-0x000000002347C000-memory.dmp

    Filesize

    1.0MB

    Download

  • memory/1924-56-0x0000000004250000-0x00000000042B8000-memory.dmp

    Filesize

    416KB

    Download

  • memory/1924-57-0x00000000770B0000-0x0000000077259000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/1924-58-0x00000000208D9000-0x00000000208F8000-memory.dmp

    Filesize

    124KB

    Download

  • memory/1924-59-0x00000000770B0000-0x0000000077259000-memory.dmp

    Filesize

    1.7MB

    Download