Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Resubmissions
15/05/2023, 11:15
230515-nc1rxaad5w 1015/05/2023, 09:17
230515-k9jm4saa21 1015/05/2023, 09:14
230515-k7vbtsfe86 3Analysis
-
max time kernel
123s -
max time network
126s -
platform
windows10-2004_x64 -
resource
win10v2004-20230220-en -
resource tags
-
submitted
15/05/2023, 09:14
General
-
Target
da9e335cd673f6fe0bba1fa82aa04e4c.zip
-
Size
137KB
-
MD5
261c02daf824cc91dfcc3cfbec2000f7
-
SHA1
f7b912f3115929948f1493ea136154f4a93e3075
-
SHA256
937f43ce0b39fca4de06bbeaa5aac7f4ff41397d24aff49ca1441534c7ad05db
-
SHA512
2fa58619abe99ed422de6d415c2455edf1aea266a57adf0d4fc0f8b3c1d1237c024403cac52cf2336890f3bb84f78b3f788425178f7356e2d62200ceb0038814
-
SSDEEP
3072:qjDGp7dXsl+oN7upch8mRKuOqsseTyRIFC4vIB3hadIiMZETB:q3G/Xsl+oN7MY8m4hj+8Cp9AdPMZEt
Score
1/10
Malware Config
Signatures
-
Suspicious use of AdjustPrivilegeToken 4 IoCs
-
Suspicious use of FindShellTrayWindow 1 IoCs
Processes
-
C:\Windows\Explorer.exeC:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\da9e335cd673f6fe0bba1fa82aa04e4c.zip1⤵
-
C:\Windows\System32\rundll32.exeC:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding1⤵
-
C:\Program Files\7-Zip\7zG.exe"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\AppData\Local\Temp\da9e335cd673f6fe0bba1fa82aa04e4c\" -spe -an -ai#7zMap24644:144:7zEvent177141⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow