Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

e5618fbe2b...19.exe

windows7-x64

6

e5618fbe2b...19.exe

windows10-2004-x64

4

Analysis

  • max time kernel
    43s
  • max time network
    46s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    02/10/2022, 21:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    e5618fbe2bda7b3287048549f50091158d90ae29d7c56d07696ff4e1db0a4c19.exe

  • Size

    188KB

  • MD5

    6f4cf3ecf6be52fa34ea96afd2f83640

  • SHA1

    b16c23b3a1de6b28a0e11a1aad8dfe4c29dd1c23

  • SHA256

    e5618fbe2bda7b3287048549f50091158d90ae29d7c56d07696ff4e1db0a4c19

  • SHA512

    c18dacb48ab572298cda570865261efaa35a54215ae9ea3811ddff6e7165c0af1ec8e9e46d200efb69f0a3693950cbe39bce2e355e403bad9323543157c3be70

  • SSDEEP

    3072:VqsLqGotsSVi/wic8szdc1HhxLa3ol/5EMrxrG6+r90VCBdkosBRg6+:VqsLqPaSVi/DjA8xL2oXEArG6+p0VC+O

Score
6/10
discovery

Malware Config

Signatures

  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Drops file in Windows directory 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\e5618fbe2bda7b3287048549f50091158d90ae29d7c56d07696ff4e1db0a4c19.exe
    "C:\Users\Admin\AppData\Local\Temp\e5618fbe2bda7b3287048549f50091158d90ae29d7c56d07696ff4e1db0a4c19.exe"
    1⤵
    • Drops file in Windows directory
    PID:1336

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1336-54-0x00000000762D1000-0x00000000762D3000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1336-55-0x0000000000310000-0x000000000033F000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1336-59-0x0000000000020000-0x0000000000040000-memory.dmp

    Filesize

    128KB

    Download