Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

4

Static

static

5fe9c08863...1a.exe

windows7-x64

4

5fe9c08863...1a.exe

windows10-2004-x64

4

Analysis

  • max time kernel
    27s
  • max time network
    47s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    30/11/2022, 23:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5fe9c088630d7292c602acf6060ab41969a38527db44375d4532c587333f5e1a.exe

  • Size

    84KB

  • MD5

    0725da1013a5f222350a9387ca39c5dc

  • SHA1

    35d0e3a32cba83c14858c46130bb8fdb7bbc2610

  • SHA256

    5fe9c088630d7292c602acf6060ab41969a38527db44375d4532c587333f5e1a

  • SHA512

    5fff65a8922e0da0ab91f9c8d121c1825f4138093f94b90bf48bcee9b241e6c49b6e2feb2b3d87509f77f02e7f9c12b50ff5c4b829681aa3b173d261e8f04cda

  • SSDEEP

    1536:qwm8nBjqs32bxPpBRy32Z6gJlyiKqVo6EUx:5m8nBjTmbxRBRN6WYiKqVo6Zx

Score
4/10

Malware Config

Signatures

  • Drops file in Windows directory 4 IoCs
  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of WriteProcessMemory 1 IoCs

Processes

  • C:\Windows\Explorer.EXE
    C:\Windows\Explorer.EXE
    1⤵
      PID:1220
      • C:\Users\Admin\AppData\Local\Temp\5fe9c088630d7292c602acf6060ab41969a38527db44375d4532c587333f5e1a.exe
        "C:\Users\Admin\AppData\Local\Temp\5fe9c088630d7292c602acf6060ab41969a38527db44375d4532c587333f5e1a.exe"
        2⤵
        • Drops file in Windows directory
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious use of WriteProcessMemory
        PID:1960

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads