Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

155f0bcbce3eaee4.png

windows7-x64

3

Analysis

  • max time kernel
    632s
  • max time network
    634s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    02/05/2023, 22:53 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    155f0bcbce3eaee4.png

  • Size

    685B

  • MD5

    f58097ed86fb381b3fcbcd6502297b56

  • SHA1

    1e02d5960cd096f144ea9f66382dd78a4baebfa3

  • SHA256

    ece2c8247e008e501eda981f73af85498679b3f386da0d5dbb78459ff2ca9a4f

  • SHA512

    216de86d93563c4e82eceeedf9f07de1e64ab9040ab955502781b01daa7609af5e96750fae793df7fec41043a93203e065d943b0c17b08c658fb8b5394ef4c43

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of FindShellTrayWindow 2 IoCs

Processes

  • C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe "C:\Program Files\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen C:\Users\Admin\AppData\Local\Temp\155f0bcbce3eaee4.png
    1⤵
    • Suspicious use of FindShellTrayWindow
    PID:1748

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1748-54-0x0000000000490000-0x0000000000491000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1748-55-0x0000000000490000-0x0000000000491000-memory.dmp

    Filesize

    4KB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.