Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

fcaab17d56...0d.exe

windows7-x64

fcaab17d56...0d.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    152s
  • max time network
    172s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    03/12/2022, 02:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fcaab17d566ebf9749d872e0f0a6d093876cc6694bbdb77893ed7b2a7446b00d.exe

  • Size

    112KB

  • MD5

    e67647087f4cd9ec9905392403f944fc

  • SHA1

    8a9e38b57e63520566fc612ae3f129f004a6eef9

  • SHA256

    fcaab17d566ebf9749d872e0f0a6d093876cc6694bbdb77893ed7b2a7446b00d

  • SHA512

    45816f28377567f86cc5f41e257c60885c08981ec77e0d502e22c7476194dd000b10829354a0f53e419bad63c8a2073adec9bc1ac71b9c15e92098c3fc6f4e2a

  • SSDEEP

    3072:s8Zc0haH53F/y0nzTd6UjIWVvn+o+OCU:w0qXzxHhv8O9

Score
3/10

Malware Config

Signatures

  • Program crash 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\fcaab17d566ebf9749d872e0f0a6d093876cc6694bbdb77893ed7b2a7446b00d.exe
    "C:\Users\Admin\AppData\Local\Temp\fcaab17d566ebf9749d872e0f0a6d093876cc6694bbdb77893ed7b2a7446b00d.exe"
    1⤵
      PID:1116
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 1116 -s 504
        2⤵
        • Program crash
        PID:4800
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 1116 -s 508
        2⤵
        • Program crash
        PID:1320
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 436 -p 1116 -ip 1116
      1⤵
        PID:4932
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -pss -s 484 -p 1116 -ip 1116
        1⤵
          PID:3596

        Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/1116-132-0x0000000000400000-0x0000000000429000-memory.dmp

          Filesize

          164KB

          Download

        • memory/1116-133-0x0000000000400000-0x0000000000429000-memory.dmp

          Filesize

          164KB

          Download