Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

14d6f2f03b...d1.exe

windows7-x64

1

14d6f2f03b...d1.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    152s
  • max time network
    153s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    04/12/2022, 07:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    14d6f2f03b6a8f35a5e42463673ab35d8a5fd16123a51a7f94a565d436cb9ad1.exe

  • Size

    112KB

  • MD5

    009e0c38258fb6418bc33a9276689676

  • SHA1

    25fe6c895af330bec3ff654728b80faf097a6e83

  • SHA256

    14d6f2f03b6a8f35a5e42463673ab35d8a5fd16123a51a7f94a565d436cb9ad1

  • SHA512

    a224e7174e248d8ba477ae2949190a4e7f6aee4fb7ce9439e81c79725167e0f2a840d4ef620b78dfdac2064623bc7a4ab7cc8b9e00836f87d42a28c0dfebfceb

  • SSDEEP

    1536:m5x9bSpT+fj6f6wQdjfvqD5O5IJvmP0iE3BoS6v5g5QpaJbyBN1VcKcLYTuY/:m4pT+5dzvm5JvswQ2mpaJmbVIK/

Score
1/10

Malware Config

Signatures

  • Suspicious use of UnmapMainImage 1 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\14d6f2f03b6a8f35a5e42463673ab35d8a5fd16123a51a7f94a565d436cb9ad1.exe
    "C:\Users\Admin\AppData\Local\Temp\14d6f2f03b6a8f35a5e42463673ab35d8a5fd16123a51a7f94a565d436cb9ad1.exe"
    1⤵
    • Suspicious use of UnmapMainImage
    • Suspicious use of WriteProcessMemory
    PID:1748
    • C:\Windows\SysWOW64\svchost.exe
      svchost.exe
      2⤵
        PID:928

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/928-58-0x0000000000080000-0x000000000008A000-memory.dmp

      Filesize

      40KB

      Download

    • memory/928-56-0x0000000000080000-0x000000000008A000-memory.dmp

      Filesize

      40KB

      Download

    • memory/928-63-0x0000000000ED0000-0x0000000000ED8000-memory.dmp

      Filesize

      32KB

      Download

    • memory/928-64-0x0000000000080000-0x000000000008A000-memory.dmp

      Filesize

      40KB

      Download

    • memory/1748-54-0x0000000075D01000-0x0000000075D03000-memory.dmp

      Filesize

      8KB

      Download

    • memory/1748-55-0x0000000000400000-0x0000000000428000-memory.dmp

      Filesize

      160KB

      Download

    • memory/1748-62-0x0000000000230000-0x0000000000233000-memory.dmp

      Filesize

      12KB

      Download

    • memory/1748-61-0x0000000000400000-0x0000000000414000-memory.dmp

      Filesize

      80KB

      Download