Analysis

  • max time kernel
    45s
  • max time network
    115s
  • platform
    windows7_x64
  • resource
    win7-20220901-en
  • resource tags

    arch:x64, arch:x86, image:win7-20220901-en, locale:en-us, os:windows7-x64, system
  • submitted
    31/01/2023, 15:10

General

  • Target

    285febf3df0193ab2f228a5d50152d40ae1f958a49b6a00a58b1390b62240c20.exe

  • Size

    1.1MB

  • MD5

    45fcca0f4cc1250a1ed06fdd0a35c566

  • SHA1

    81d8879343caa21bf4d48101b65fb8a9ac0c5bb5

  • SHA256

    285febf3df0193ab2f228a5d50152d40ae1f958a49b6a00a58b1390b62240c20

  • SHA512

    7f33b0544c1dc864f94544ea2039bb06e282853ff100542c957f282467aff722d6e3b689b5da8760349e77086a8672d9cd3de0e6f042ab1912a71b9e936dac91

  • SSDEEP

    24576:RPyMNgDvgqz27bovjgUpf7yJ1rga/v7f3suwB:RPyYqke7Srf

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\285febf3df0193ab2f228a5d50152d40ae1f958a49b6a00a58b1390b62240c20.exe
    "C:\Users\Admin\AppData\Local\Temp\285febf3df0193ab2f228a5d50152d40ae1f958a49b6a00a58b1390b62240c20.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:1396

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1396-54-0x0000000001010000-0x0000000001138000-memory.dmp

    Filesize

    1.2MB

  • memory/1396-55-0x00000000760E1000-0x00000000760E3000-memory.dmp

    Filesize

    8KB

  • memory/1396-56-0x0000000009BD0000-0x0000000009E7E000-memory.dmp

    Filesize

    2.7MB

  • memory/1396-57-0x0000000004E85000-0x0000000004E96000-memory.dmp

    Filesize

    68KB