Analysis

  • max time kernel
    85s
  • max time network
    109s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64, arch:x86, image:win7-20220812-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/10/2022, 17:43

General

  • Target

    420f013d999fdafb526f5af67035a36c2faa02a9f6b6c78eba63afc357b54de0.exe

  • Size

    132KB

  • MD5

    5515aa88c0de81d07abd386791665aa9

  • SHA1

    d0c8231aba495037b5acbdb9893127aba82b5460

  • SHA256

    420f013d999fdafb526f5af67035a36c2faa02a9f6b6c78eba63afc357b54de0

  • SHA512

    300288f398ae767c72a6ab481ae959600619993031ce2c9ab1a887166e7480a35919c3bcbd16f4582f3b35464bf6210546dd6f49ecaabe63a2520a6b69f63057

  • SSDEEP

    3072:tQ9dpyIIWwRXn3P+AG3v3/nM3GHk75+atqg7G2B9v:tcdoL5+acmhzv

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\420f013d999fdafb526f5af67035a36c2faa02a9f6b6c78eba63afc357b54de0.exe
    "C:\Users\Admin\AppData\Local\Temp\420f013d999fdafb526f5af67035a36c2faa02a9f6b6c78eba63afc357b54de0.exe"
    • Suspicious use of SetWindowsHookEx
    PID:1492

Network

MITRE ATT&CK Enterprise v6

Downloads

  • memory/1492-57-0x0000000075811000-0x0000000075813000-memory.dmp

    Filesize

    8KB