Resubmissions
12/05/2023, 01:40 230512-b3nh2sde7w 7
12/05/2023, 01:39 230512-b2yydsde7v 7
12/05/2023, 01:37 230512-b2bsvsbc43 7
Analysis
max time kernel: 1s
platform: windows7_x64
resource: win7-20230220-en
resource tags: arch:x64 arch:x86 image:win7-20230220-en locale:en-us os:windows7-x64 system
submitted: 12/05/2023, 01:37
Behavioral task
behavioral1
Sample
NOTMALWARE.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
NOTMALWARE.exe
Resource
win10-20230220-en
General
Target: NOTMALWARE.exe
Size: 6.1MB
MD5: 8de136c99e448cb3787336570197ef0b
SHA1: 07612a501d123fc9876dc5a6b5d8f1459a2d50a3
SHA256: d199504123a0ddfacd241bc39fff0d15d2eba859c8ecc95a89e058067c7b5021
SHA512: 29c657f4cfe8f192b1e7f96694209b2e692f63d689c4827226410c2561b46908296d07e02b47d099866389f348fa0fc68d891a3f343e3735e970be9b41ca4af5
SSDEEP: 98304:8oZIfh7ZMD/x/0feyGutbQ940BDlgwdnpka9R/k9t+2MGt+Nkpogug6ZqREPOhIv:8mmuDfyGuwBdnpkYRM66ogVCmh
Malware Config
Signatures
Loads dropped DLL (1 IoCs)
pid    Process
572    NOTMALWARE.exe

Suspicious use of WriteProcessMemory (3 IoCs)
description                        pid     Process           procid_target
PID 1716 wrote to memory of 572    1716    NOTMALWARE.exe    27
PID 1716 wrote to memory of 572    1716    NOTMALWARE.exe    27
PID 1716 wrote to memory of 572    1716    NOTMALWARE.exe    27
Processes
Network
MITRE ATT&CK Matrix
Downloads
Filesize: 4.3MB
MD5: 63a1fa9259a35eaeac04174cecb90048
SHA1: 0dc0c91bcd6f69b80dcdd7e4020365dd7853885a
SHA256: 14b06796f288bc6599e458fb23a944ab0c843e9868058f02a91d4606533505ed
SHA512: 896caa053f48b1e4102e0f41a7d13d932a746eea69a894ae564ef5a84ef50890514deca6496e915aae40a500955220dbc1b1016fe0b8bcdde0ad81b2917dea8b