Analysis

  • max time kernel
    25s
  • max time network
    46s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64, arch:x86, image:win7-20220812-en, locale:en-us, os:windows7-x64, system
  • submitted
    05/12/2022, 14:55 UTC

General

  • Target

    5617c58bebe48682af4237f5b4fe1e4a245bf24fb14aac18505128173ab71cc0.exe

  • Size

    562KB

  • MD5

    fc85a34a40d33240773e792d03a86a16

  • SHA1

    6937d129ec4398456b0a0df900bbed433cba15da

  • SHA256

    5617c58bebe48682af4237f5b4fe1e4a245bf24fb14aac18505128173ab71cc0

  • SHA512

    0a178c5c495f542c053aa856c9ec821ef74393a2386799deb038cc8df4bc8fb6a71534af83d5e21806498cbf627cd0c81a3cd1ae390a593432c6fe5fb956a000

  • SSDEEP

    12288:8CK+qK4QIUJ6ItO49LpwEBXu+OKex+VwKDPFIihoGqz765OMFeg2:8ChqKgU79usbkx+VNJhofz765hK

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Suspicious use of FindShellTrayWindow 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5617c58bebe48682af4237f5b4fe1e4a245bf24fb14aac18505128173ab71cc0.exe
    "C:\Users\Admin\AppData\Local\Temp\5617c58bebe48682af4237f5b4fe1e4a245bf24fb14aac18505128173ab71cc0.exe"
    1⤵
    • Suspicious use of FindShellTrayWindow
    PID:2000

Network

MITRE ATT&CK Enterprise v6

Downloads

  • memory/2000-54-0x0000000075DF1000-0x0000000075DF3000-memory.dmp

    Filesize

    8KB

  • memory/2000-55-0x0000000073FF1000-0x0000000073FF3000-memory.dmp

    Filesize

    8KB
