Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

417a9d29ff...df.exe

windows7-x64

6

417a9d29ff...df.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    40s
  • max time network
    47s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    23/11/2022, 20:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    417a9d29ff3f7fd5aa31c568f64e205ddc49fecd3e2e8daf2076f109303522df.exe

  • Size

    57KB

  • MD5

    1d22b1f36658f2b5964b9a79ef591510

  • SHA1

    69ccd53a192ea90915dfabcfdc62eb7ee57394ae

  • SHA256

    417a9d29ff3f7fd5aa31c568f64e205ddc49fecd3e2e8daf2076f109303522df

  • SHA512

    b4f4de3706fb59422102fdf4d53e0f35b2506211e44814456d3329ed0e64865869494a1232fa09ba625e077bb578b8a8d8e98983f2c37ba2294abd0892e2e222

  • SSDEEP

    1536:9DEGo3gLQ/PacfuGkGVGUELSEfEnEhESEdEW6:9DqgLCPacfuGkGVGUISSSSf0Z6

Score
6/10
persistence

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 4 IoCs
    persistence
  • Drops file in System32 directory 4 IoCs
  • Modifies registry class 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\417a9d29ff3f7fd5aa31c568f64e205ddc49fecd3e2e8daf2076f109303522df.exe
    "C:\Users\Admin\AppData\Local\Temp\417a9d29ff3f7fd5aa31c568f64e205ddc49fecd3e2e8daf2076f109303522df.exe"
    1⤵
    • Adds Run key to start application
    • Drops file in System32 directory
    • Modifies registry class
    PID:560

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/560-54-0x0000000076041000-0x0000000076043000-memory.dmp

    Filesize

    8KB

    Download