Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
65s -
max time network
102s -
platform
windows7_x64 -
resource
win7-20221111-en -
resource tags
-
submitted
04/12/2022, 14:06 UTC
Errors
Reason
Machine shutdown
General
-
Target
deecbcb422ae8dc390fddd604bcaf7c4791a385ab5f9312ba742410c34addeb4.exe
-
Size
88KB
-
MD5
a9b06405ade1fb352a066ce169ee24a4
-
SHA1
6ef3ad7b20388f931c09313595628ad00cf1ab55
-
SHA256
deecbcb422ae8dc390fddd604bcaf7c4791a385ab5f9312ba742410c34addeb4
-
SHA512
1761ced06ba90942eb6670e71b7b7042243fcf7dfb7e4f6e33dd073201847237e37fa3ebf65acfe813f2cb36ba2eeaf2ee671f26460ee2ac7c58ced3eeb62831
-
SSDEEP
1536:IsCAFP8C3n/V3yUnyhROtB+PgGXgFkjXK5AKn9eNet9KLAStM/jwByVuTnT9KowX:IsCAp8C3n/VCUnsRfgQgajX/G9hKLASe
Score
8/10
Malware Config
Signatures
-
Modifies AppInit DLL entries 2 TTPs
-
Drops file in System32 directory 1 IoCs
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\deecbcb422ae8dc390fddd604bcaf7c4791a385ab5f9312ba742410c34addeb4.exe"C:\Users\Admin\AppData\Local\Temp\deecbcb422ae8dc390fddd604bcaf7c4791a385ab5f9312ba742410c34addeb4.exe"1⤵
- Drops file in System32 directory
- Suspicious use of AdjustPrivilegeToken
-
C:\Windows\system32\LogonUI.exe"LogonUI.exe" /flags:0x01⤵
-
C:\Windows\system32\LogonUI.exe"LogonUI.exe" /flags:0x11⤵
Network
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
8KB
-
Filesize
92KB
-
Filesize
8KB
-
Filesize
92KB