Analysis

  • max time kernel
    46s
  • max time network
    51s
  • platform
    windows7_x64
  • resource
    win7-20220901-en
  • resource tags

    arch:x64, arch:x86, image:win7-20220901-en, locale:en-us, os:windows7-x64, system
  • submitted
    20/10/2022, 13:10 UTC

General

  • Target

    27736769f64c453cc7dc489181319228faaa39c993e774b2785d787597055f42.exe

  • Size

    62KB

  • MD5

    a02663d9b12af6c85196cfa0ad07da10

  • SHA1

    c724b0f7349d58b5908831298f5350b968d28eda

  • SHA256

    27736769f64c453cc7dc489181319228faaa39c993e774b2785d787597055f42

  • SHA512

    73527ff7a62d0c8e2d13c33804ff6cfc57c7b80b258624bcb84e13ef3d4b40c13186302750d35d374451cff06e6812767708ba4ad9fd1b3668d5aeab4a757a19

  • SSDEEP

    1536:MHoSCdeVMCT6ggMw4Y7FgG2xV89mTr39w6XJJzVt/2r:MHoLde/OgV432UcP39hXJZn/8

Score
8/10

Malware Config

Signatures

  • Modifies AppInit DLL entries 2 TTPs
  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Drops file in System32 directory 2 IoCs
  • Drops file in Windows directory 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\27736769f64c453cc7dc489181319228faaa39c993e774b2785d787597055f42.exe
    "C:\Users\Admin\AppData\Local\Temp\27736769f64c453cc7dc489181319228faaa39c993e774b2785d787597055f42.exe"
    1⤵
    • Drops file in System32 directory
    • Drops file in Windows directory
    PID:1444

Network

MITRE ATT&CK Enterprise v6

Downloads

  • memory/1444-54-0x0000000000400000-0x0000000000429000-memory.dmp

    Filesize

    164KB

  • memory/1444-55-0x0000000000220000-0x0000000000224000-memory.dmp

    Filesize

    16KB

  • memory/1444-56-0x0000000000400000-0x0000000000429000-memory.dmp

    Filesize

    164KB

  • memory/1444-57-0x0000000000220000-0x0000000000224000-memory.dmp

    Filesize

    16KB
