Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
227s -
max time network
33s -
platform
windows7_x64 -
resource
win7-20221111-en -
resource tags
-
submitted
02/02/2023, 13:28
General
-
Target
f45aa379a6862a5a6c8b66c2edd275e274a7d076.exe
-
Size
19KB
-
MD5
11cdc844d286157c33d3ac8d112920ab
-
SHA1
f45aa379a6862a5a6c8b66c2edd275e274a7d076
-
SHA256
f23a5634117ef9692f0463fdc8e5b3304b44a5ab0d4790d71f90f4a4ad927e9e
-
SHA512
e9afaa6061f3622e60e663ff3c67829962f2c982eea0a8683ad6b1f4fb70de2b41de6aba5a0496f535f5afd3e6fddf909d4313ce71450c707918e132cb778d2e
-
SSDEEP
384:reXmKzw1TybgIa3vATEXO5cbYND28IBlbhq2lj2tR:rR1W/a3WEen2hHMyjgR
Score
7/10
Malware Config
Signatures
-
Loads dropped DLL 1 IoCs
-
Adds Run key to start application 2 TTPs 1 IoCs
-
Drops file in System32 directory 1 IoCs
-
Drops file in Windows directory 2 IoCs
-
Suspicious behavior: EnumeratesProcesses 2 IoCs
-
Suspicious use of SetWindowsHookEx 1 IoCs
-
Suspicious use of WriteProcessMemory 2 IoCs
Processes
-
C:\Windows\Explorer.EXEC:\Windows\Explorer.EXE1⤵
-
C:\Users\Admin\AppData\Local\Temp\f45aa379a6862a5a6c8b66c2edd275e274a7d076.exe"C:\Users\Admin\AppData\Local\Temp\f45aa379a6862a5a6c8b66c2edd275e274a7d076.exe"2⤵
- Loads dropped DLL
- Adds Run key to start application
- Drops file in System32 directory
- Drops file in Windows directory
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
Network
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
30KB
MD50882f5ea51fb3a216c0a07bdd0b4ac07
SHA1c315acae23171ce80665f54bbfac7011ced1b99e
SHA2569886d50b9def00254fc606c2a6fddba4691a5b3d4e039041b36ccd2fe8617b15
SHA5123c667d5c73dbf409173bd54d29f6ca2f5d113e1531be9c98b3333d4d9cc9bc659ab5595b517301f28a41d2f0c84c31de0710cdb97067c2695f6b4b159d87a529
-
Filesize
4KB
-
Filesize
4KB