Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

Scan.lnk

windows7-x64

10

Scan.lnk

windows10-2004-x64

10

torpat/mic...ng.dll

windows7-x64

10

torpat/mic...ng.dll

windows10-2004-x64

10

torpat/sueJl.cmd

windows7-x64

1

torpat/sueJl.cmd

windows10-2004-x64

1

Analysis

  • max time kernel
    84s
  • max time network
    34s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    02/12/2022, 19:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    torpat/sueJl.cmd

  • Size

    1KB

  • MD5

    76d70c596609b0ce870793b8d36fdd75

  • SHA1

    c6e8255b707459dcbe790d9ca6d4ef8332caeb09

  • SHA256

    ebeb93a0166f4482c596cb7894647538a9c87eb08cb3bfa1d9e529648eb80112

  • SHA512

    b89bc6d48f659ac3cc3829c1ef88d21038da6765b7c8237f4da20008296f30d5b2443b19863efa9c491d02e1836d8995c170a204e6aa96a18f00316fca03c3d8

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\torpat\sueJl.cmd"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1680
    • C:\Windows\system32\xcopy.exe
      xcopy /s /i /e /h torpat\micropublishing.dll C:\Users\Admin\AppData\Local\Temp\*
      2⤵
        PID:376

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads