Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

RAVAntivir...vc.exe

windows7-x64

1

RAVAntivir...vc.exe

windows10-2004-x64

1

RAVAntivir...st.exe

windows7-x64

1

RAVAntivir...st.exe

windows10-2004-x64

1

RAVAntivir...me.dll

windows7-x64

1

RAVAntivir...me.dll

windows10-2004-x64

1

RAVAntivir...ON.dll

windows7-x64

1

RAVAntivir...ON.dll

windows10-2004-x64

1

RAVAntivir....A.exe

windows7-x64

1

RAVAntivir....A.exe

windows10-2004-x64

1

RAVAntivir....S.exe

windows7-x64

1

RAVAntivir....S.exe

windows10-2004-x64

1

RAVAntivir...er.dll

windows7-x64

1

RAVAntivir...er.dll

windows10-2004-x64

1

RAVAntivir...on.exe

windows7-x64

1

RAVAntivir...on.exe

windows10-2004-x64

1

RAVAntivir...xe.xml

windows7-x64

1

RAVAntivir...xe.xml

windows10-2004-x64

1

RAVAntivir...me.dll

windows7-x64

1

RAVAntivir...me.dll

windows10-2004-x64

1

RAVAntivir...SC.exe

windows7-x64

1

RAVAntivir...SC.exe

windows10-2004-x64

1

RAVAntivir...nt.dll

windows7-x64

1

RAVAntivir...nt.dll

windows10-2004-x64

1

RAVAntivir...m.html

windows7-x64

1

RAVAntivir...m.html

windows10-2004-x64

1

RAVAntivir...47.dll

windows7-x64

3

RAVAntivir...47.dll

windows10-2004-x64

1

RAVAntivir...eg.dll

windows7-x64

1

RAVAntivir...eg.dll

windows10-2004-x64

1

RAVAntivir...GL.dll

windows7-x64

1

RAVAntivir...GL.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    43s
  • max time network
    51s
  • platform
    windows7_x64
  • resource
    win7-20220901-en
  • resource tags

    arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
  • submitted
    24/09/2022, 23:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    RAVAntivirus/rsRemediation.exe

  • Size

    133KB

  • MD5

    5759522b3a69cc0afe2ee52d2db81489

  • SHA1

    eeecf8df6398015dc5ddd9b072e8798fe82f6faa

  • SHA256

    b5777f61243958fe29e760089b213e1b691afd5c84296f1d3245cd40921f9b56

  • SHA512

    ffdc0fdf6d42c98f7cb40263d50eae4fe5e7e1e5feed11b8842b72e2c708e0b04451eed7163f2ece9a781a170f112e4efec93c17dbe3460244937433febf5234

  • SSDEEP

    1536:NjIJ/E19eM8p+H8GaAtxRuDTlrcLdrk3AgnMYln7HJTaRUL2MN1pfR87aY+Yzyy4:CJ/E1ay8GtcDqLdQ3l9lnNT526peA1Zz

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\RAVAntivirus\rsRemediation.exe
    "C:\Users\Admin\AppData\Local\Temp\RAVAntivirus\rsRemediation.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:1500

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1500-54-0x0000000000320000-0x0000000000344000-memory.dmp

    Filesize

    144KB

    Download

  • memory/1500-55-0x0000000000450000-0x0000000000488000-memory.dmp

    Filesize

    224KB

    Download