Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

7636b5661f...f4.exe

windows7-x64

10

7636b5661f...f4.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    2s
  • max time network
    35s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    02/02/2023, 13:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7636b5661f2b79f0b477d73824ec4694ddfab0f4.exe

  • Size

    15KB

  • MD5

    848d3d892ee36bdeebbb289583bc0168

  • SHA1

    7636b5661f2b79f0b477d73824ec4694ddfab0f4

  • SHA256

    4a783971628af63dac8300a5bf24c7ef049de5b927ab3c0d88e668a032d8ec4d

  • SHA512

    6e603d0c8a6a9d7cbca41c920cde6e1c917111d255935a70d8e98e8ce0a61c1a8e08f3ec9eb565d61377ea3e3924daef1a5cf4cd8c851d5dac6c4a8a65c5885d

  • SSDEEP

    384:xpi6sy/CTbO78KXfw7MhEtoG4hJNiBvnSZW8w:3iFy6mwKXYw6FeJAvWWp

Score
10/10
persistence

Malware Config

Signatures

  • Modifies WinLogon for persistence 2 TTPs 1 IoCs
    persistence
  • Modifies Installed Components in the registry 2 TTPs 2 IoCs
    persistence
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7636b5661f2b79f0b477d73824ec4694ddfab0f4.exe
    "C:\Users\Admin\AppData\Local\Temp\7636b5661f2b79f0b477d73824ec4694ddfab0f4.exe"
    1⤵
    • Modifies WinLogon for persistence
    • Modifies Installed Components in the registry
    • Suspicious use of SetWindowsHookEx
    PID:1076

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads