Analysis

  • max time kernel
    34s
  • max time network
    30s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64, arch:x86, image:win7-20221111-en, locale:en-us, os:windows7-x64, system
  • submitted
    22/12/2022, 16:15 UTC

General

  • Target

    Sprawls.cmd

  • Size

    398B

  • MD5

    8be9afced6299bfb683145290a892c66

  • SHA1

    8683bf70cb829b5a427c78987d3babbf28832564

  • SHA256

    6023190da512fe24e7ea54a7503665e7dc6d0b138f3457e0d52a32de8f8655e4

  • SHA512

    3c1c96e0db23d095dd2ae406cc98755fecfe478e2964fe128a0399b355bf561086d63ba4530142b57579dacf322e7f98aae8044a82d7c90286b8d9ba90841404

Score
1/10

Malware Config

Signatures

  • Runs ping.exe (1 TTPs, 1 IoCs)
  • Suspicious use of WriteProcessMemory (9 IoCs)

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\Sprawls.cmd"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1980
    • C:\Windows\system32\cmd.exe
      C:\Windows\system32\cmd.exe /S /D /c" echo f"
      2⤵
        PID:1776
      • C:\Windows\system32\xcopy.exe
        xcopy C:\Windows\\\\\\system32\\\\\\wscript.exe C:\Users\Admin\AppData\Local\Temp\synechdochism.exe /h /s /e
        2⤵
          PID:1972
        • C:\Windows\system32\PING.EXE
          ping 87.31.194.42
          2⤵
          • Runs ping.exe
          PID:1316

      Network

      MITRE ATT&CK Enterprise v6
