Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

tmp.exe

windows7-x64

1

tmp.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    28s
  • max time network
    145s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    13/05/2023, 20:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    tmp.exe

  • Size

    4.4MB

  • MD5

    11a9f299aebd45ea2eb9d0f95f735f95

  • SHA1

    b8233d67e3d4ae347a4816096fae7ac286645b36

  • SHA256

    81c20573a8c17279842d8f85653ad1f96f512ea6f888584fcd9e87792583b9eb

  • SHA512

    f9a25a0a32814ba77f258d256cc8946ba510396cb8c3ef20a3c39c27ddf788a1e80345f9689d858b47091a0e0bfc54f8be796b174aa4473d829fa8565070a7e1

  • SSDEEP

    98304:fTZKn7rT4opTW0Tglb+678JGIFLhLpPLazXY1k:7ZX0TGb+67OLhLFmzXYy

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: LoadsDriver 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\tmp.exe
    "C:\Users\Admin\AppData\Local\Temp\tmp.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:924

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/924-54-0x0000000000200000-0x0000000000220000-memory.dmp

    Filesize

    128KB

    Download

  • memory/924-55-0x0000000000240000-0x0000000000260000-memory.dmp

    Filesize

    128KB

    Download

  • memory/924-56-0x0000000001C60000-0x0000000001C80000-memory.dmp

    Filesize

    128KB

    Download

  • memory/924-58-0x0000000001C60000-0x0000000001C80000-memory.dmp

    Filesize

    128KB

    Download

  • memory/924-57-0x0000000000240000-0x0000000000260000-memory.dmp

    Filesize

    128KB

    Download