Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

5

Static

static

abfaed1214...5b.exe

windows7-x64

5

abfaed1214...5b.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    33s
  • max time network
    46s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    11/10/2022, 07:00 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    abfaed1214bd3be7c22ffb7ed5925fa394bf8a8bbcea1ea330bcf6c129101a5b.exe

  • Size

    171KB

  • MD5

    61e459ee8ec887de2a6d5449ca711419

  • SHA1

    8f6017067481b39b7647d8c4bcf306b7fbdc4651

  • SHA256

    abfaed1214bd3be7c22ffb7ed5925fa394bf8a8bbcea1ea330bcf6c129101a5b

  • SHA512

    2405013c012bcb1da50d290973a3a90666dd3b89fc266d6df740f9f783f2b0b7a25f7c85bd32710cac58dd48958569004226e6c7d07013f2fa4261be41ecbb6e

  • SSDEEP

    3072:86H3zdPAk3/cfMt+dIqAA8h+a328qbtgeel3yw9nL0uiAJ7Q+wu4Cf73ya:HXBPj3/cfMQ6ZAcozepL0mpQ+fGa

Score
5/10

Malware Config

Signatures

  • Suspicious use of SetThreadContext 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of WriteProcessMemory 12 IoCs

Processes

  • C:\Windows\Explorer.EXE
    C:\Windows\Explorer.EXE
    1⤵
      PID:1284
      • C:\Users\Admin\AppData\Local\Temp\abfaed1214bd3be7c22ffb7ed5925fa394bf8a8bbcea1ea330bcf6c129101a5b.exe
        "C:\Users\Admin\AppData\Local\Temp\abfaed1214bd3be7c22ffb7ed5925fa394bf8a8bbcea1ea330bcf6c129101a5b.exe"
        2⤵
        • Suspicious use of SetThreadContext
        • Suspicious use of WriteProcessMemory
        PID:1928
        • C:\Users\Admin\AppData\Local\Temp\abfaed1214bd3be7c22ffb7ed5925fa394bf8a8bbcea1ea330bcf6c129101a5b.exe
          C:\Users\Admin\AppData\Local\Temp\abfaed1214bd3be7c22ffb7ed5925fa394bf8a8bbcea1ea330bcf6c129101a5b.exe
          3⤵
          • Suspicious behavior: EnumeratesProcesses
          • Suspicious use of WriteProcessMemory
          PID:1944

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1284-66-0x000000007FFF0000-0x000000007FFF7000-memory.dmp

      Filesize

      28KB

      Download

    • memory/1928-63-0x0000000000400000-0x000000000046E000-memory.dmp

      Filesize

      440KB

      Download

    • memory/1944-54-0x0000000000400000-0x0000000000409000-memory.dmp

      Filesize

      36KB

      Download

    • memory/1944-55-0x0000000000400000-0x0000000000409000-memory.dmp

      Filesize

      36KB

      Download

    • memory/1944-57-0x0000000000400000-0x0000000000409000-memory.dmp

      Filesize

      36KB

      Download

    • memory/1944-59-0x0000000000400000-0x0000000000409000-memory.dmp

      Filesize

      36KB

      Download

    • memory/1944-64-0x0000000000400000-0x0000000000408960-memory.dmp

      Filesize

      34KB

      Download

    • memory/1944-65-0x0000000076031000-0x0000000076033000-memory.dmp

      Filesize

      8KB

      Download

    • memory/1944-69-0x0000000010000000-0x0000000010013000-memory.dmp

      Filesize

      76KB

      Download

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.