Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

Robert Sop...ns.zip

windows7-x64

1

Robert Sop...ns.zip

windows10-2004-x64

1

Resubmissions

13/02/2023, 21:15

230213-z343ssgc96 10

13/02/2023, 21:10

230213-z1gjqafg3t 1

13/02/2023, 21:08

230213-zzdrfagc76 1

13/02/2023, 21:03

230213-zv677aff8z 1

13/02/2023, 21:01

230213-zt4qnsff7y 1

Analysis

  • max time kernel
    55s
  • max time network
    33s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    13/02/2023, 21:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Robert Sopko Tax Returns.zip

  • Size

    899B

  • MD5

    aa5d8f3cc407183a449035e22adb41a7

  • SHA1

    46baf627df4721b3bb1d57ac6cad3a0115271e06

  • SHA256

    9beab2df8086678f91523428edf8c364e7da48ab94b330eecc7d791d456ba220

  • SHA512

    20908c127d39d81c39ab6fd23a2ed01e55d1b2c1f835704a50899180669fe81af2d9106c3c47056d1ab5d44abbd13c3be2a7665c20413a4fdf20bd752a45d259

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 4 IoCs

Processes

  • C:\Windows\Explorer.exe
    C:\Windows\Explorer.exe /idlist,,"C:\Users\Admin\AppData\Local\Temp\Robert Sopko Tax Returns.zip"
    1⤵
      PID:960
    • C:\Windows\system32\AUDIODG.EXE
      C:\Windows\system32\AUDIODG.EXE 0x1c0
      1⤵
      • Suspicious use of AdjustPrivilegeToken
      PID:1872

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads