Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    41s
  • max time network
    47s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    11/10/2022, 15:19

General

  • Target

    e2ff73e884b302566f092150fee820060e9d47a594d7c1214de3b6fc053fbfd6.exe

  • Size

    84KB

  • MD5

    1319ba657737e460ad9c2401a2757320

  • SHA1

    cd7425fba09f79059e0325ac2fa97156f41dfcb0

  • SHA256

    e2ff73e884b302566f092150fee820060e9d47a594d7c1214de3b6fc053fbfd6

  • SHA512

    31465a64ba0438b83dca7e1db858134bfb9e2b8fa2b288263b313ae91670ca38e6a7a4a77a16bdaa1fa78e98dbf5442f48010b8c206b1e9457ab3ffae7598b5b

  • SSDEEP

    768:v3ncJu5hBXF2pmiq2V41xNmAFgGyi4XwP13GT9W28z/zMp5xAFiE3s:v3cJu5hBVWq2kN6LXwPVGT9lgA5gs

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Modifies Internet Explorer settings 1 TTPs 2 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\e2ff73e884b302566f092150fee820060e9d47a594d7c1214de3b6fc053fbfd6.exe
    "C:\Users\Admin\AppData\Local\Temp\e2ff73e884b302566f092150fee820060e9d47a594d7c1214de3b6fc053fbfd6.exe"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1400
  • C:\Windows\Explorer.EXE
    C:\Windows\Explorer.EXE
    1⤵
      PID:1216
      • C:\Windows\system32\WerFault.exe
        C:\Windows\system32\WerFault.exe -u -p 1216 -s 1784
        2⤵
        • Program crash
        PID:1872

    Network

    MITRE ATT&CK Enterprise v6

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1400-54-0x0000000075571000-0x0000000075573000-memory.dmp

      Filesize

      8KB