Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

c55f09a891...ee.exe

windows7-x64

8

c55f09a891...ee.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    79s
  • max time network
    89s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    06/12/2022, 23:24 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c55f09a891e4f5a810b755fb45b440da012f858d12751d46308231e5a02429ee.exe

  • Size

    124KB

  • MD5

    a28c569bd67c67f65c33780fbc05f620

  • SHA1

    b71dff23283c19f85588280bb4211437b0c0b466

  • SHA256

    c55f09a891e4f5a810b755fb45b440da012f858d12751d46308231e5a02429ee

  • SHA512

    ed7e2b7e6d009008e841e12b3200511cae0d4fb7635eb505b4d133085af45fd2a2ad0c9c9f7c49c144bb5bb423faa570ccf9c555031bb8433d40f528b13ec66a

  • SSDEEP

    3072:INahqihVU3WpgfEW4MuZHoEWAE5zYUoh:3M6I96lWzT

Score
8/10
persistence

Malware Config

Signatures

  • Modifies AppInit DLL entries 2 TTPs
    persistence
  • Drops file in System32 directory 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c55f09a891e4f5a810b755fb45b440da012f858d12751d46308231e5a02429ee.exe
    "C:\Users\Admin\AppData\Local\Temp\c55f09a891e4f5a810b755fb45b440da012f858d12751d46308231e5a02429ee.exe"
    1⤵
    • Drops file in System32 directory
    • Suspicious use of AdjustPrivilegeToken
    PID:940
  • C:\Windows\system32\LogonUI.exe
    "LogonUI.exe" /flags:0x0
    1⤵
      PID:584
    • C:\Windows\system32\LogonUI.exe
      "LogonUI.exe" /flags:0x1
      1⤵
        PID:1020

      Network

      MITRE ATT&CK Enterprise v6

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/584-56-0x000007FEFC091000-0x000007FEFC093000-memory.dmp

        Filesize

        8KB

        Download

      • memory/940-54-0x0000000001000000-0x0000000001020000-memory.dmp

        Filesize

        128KB

        Download

      • memory/940-55-0x0000000075931000-0x0000000075933000-memory.dmp

        Filesize

        8KB

        Download

      • memory/940-57-0x0000000001000000-0x0000000001020000-memory.dmp

        Filesize

        128KB

        Download

      We care about your privacy.

      This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.