Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

winprofile

windows7-x64

5

winprofile

windows10-1703-x64

8

Analysis

  • max time kernel
    38s
  • max time network
    46s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    17/09/2022, 10:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    69366638da92e5871b80c1b1ac5c36ca499a407422137b34b43d948546a190ef.exe

  • Size

    722.4MB

  • MD5

    a2d302bbecc9b38529cc016adc334b17

  • SHA1

    323c64e329187281a418195191f5802a79bc70d9

  • SHA256

    69366638da92e5871b80c1b1ac5c36ca499a407422137b34b43d948546a190ef

  • SHA512

    9c299c215b2769ba3729426aab92e198fb966bd411ff550b0771c02404e550451ba8c36575969f5908c3a8dc40d3de670eabe4ba2bf5b06235eb1117b24c2b37

  • SSDEEP

    49152:q+G3R8rSAZkqqKR8GEOWT+RvTKVrcxO5VJhOYJH3/UTM:q+G3+rSikq7R8GEfEagxgbOCOM

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\69366638da92e5871b80c1b1ac5c36ca499a407422137b34b43d948546a190ef.exe
    "C:\Users\Admin\AppData\Local\Temp\69366638da92e5871b80c1b1ac5c36ca499a407422137b34b43d948546a190ef.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:780

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/780-54-0x00000000758C1000-0x00000000758C3000-memory.dmp

    Filesize

    8KB

    Download

  • memory/780-55-0x0000000001030000-0x0000000001032000-memory.dmp

    Filesize

    8KB

    Download

  • memory/780-56-0x0000000001030000-0x0000000001988000-memory.dmp

    Filesize

    9.3MB

    Download

  • memory/780-57-0x0000000001030000-0x0000000001988000-memory.dmp

    Filesize

    9.3MB

    Download

  • memory/780-58-0x00000000FFBD0000-0x00000000FFFA1000-memory.dmp

    Filesize

    3.8MB

    Download

  • memory/780-59-0x0000000001030000-0x0000000001988000-memory.dmp

    Filesize

    9.3MB

    Download