Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

4

Static

static

61b7d39f1a...58.exe

windows7-x64

3

61b7d39f1a...58.exe

windows10-2004-x64

4

Analysis

  • max time kernel
    231s
  • max time network
    337s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    25/11/2022, 22:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    61b7d39f1a5bdcc8a4d0a1fc03e32aa7ca0d4a859d724821261987dfc4a7fd58.exe

  • Size

    92KB

  • MD5

    64cce064a7cad4eba097391809c31a81

  • SHA1

    73eb69519bc620f5bbbb6ccd73fd501fc2dbf86d

  • SHA256

    61b7d39f1a5bdcc8a4d0a1fc03e32aa7ca0d4a859d724821261987dfc4a7fd58

  • SHA512

    5fada706d13d5054b29dc4bdca8a2b733b0fc8a872420e7f3711256aabfb052eaa7da3a018667f40fdc35fdbe34fdc73cfa757fb7d898f30ae98d17de9af1242

  • SSDEEP

    1536:0mvA1iOwEOe+teZimEWF8IcBSpUac8lTVjEErxTWDTMqhGKYIZTET8u5j65UlFWJ:5AbyeElIUac81VjBkMqhGKZTbuwgWW

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\61b7d39f1a5bdcc8a4d0a1fc03e32aa7ca0d4a859d724821261987dfc4a7fd58.exe
    "C:\Users\Admin\AppData\Local\Temp\61b7d39f1a5bdcc8a4d0a1fc03e32aa7ca0d4a859d724821261987dfc4a7fd58.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1504
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 1504 -s 36
      2⤵
      • Program crash
      PID:1484

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1504-54-0x0000000000400000-0x000000000042B000-memory.dmp

    Filesize

    172KB

    Download