Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

MALZEMELER...ER.exe

windows7-x64

3

MALZEMELER...ER.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    58s
  • max time network
    34s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    16/05/2023, 10:47 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    MALZEMELER İÇİN BELGELER.exe

  • Size

    834KB

  • MD5

    1436f910ff222cb17c6a5e96d7d0a69f

  • SHA1

    cba67e2d2247e0474cc0267e9660f203ac1904fb

  • SHA256

    5d9bb423fe6b1cb4fa77edde15ac108d779750606fe6dc904c3190af91b4af75

  • SHA512

    2a83b509caddc264b654320c90abbaa7bdec0052e1dd957eafabf4ea8a8c8869fead4c6faf9f0c36cbb71fcc9d1bca01747f35a89d108912ad5705d7557a4f5b

  • SSDEEP

    12288:lY8v5vljUqYes048f+BdY2spdbBJolfK9MpCPJcXbMoY:J+esj8fkS2wpBJJMpHX

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\MALZEMELER İÇİN BELGELER.exe
    "C:\Users\Admin\AppData\Local\Temp\MALZEMELER İÇİN BELGELER.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:836
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 836 -s 696
      2⤵
      • Program crash
      PID:968

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/836-54-0x0000000000A50000-0x0000000000B26000-memory.dmp

    Filesize

    856KB

    Download

  • memory/836-55-0x00000000009D0000-0x0000000000A10000-memory.dmp

    Filesize

    256KB

    Download

  • memory/836-56-0x0000000000310000-0x0000000000322000-memory.dmp

    Filesize

    72KB

    Download

  • memory/836-57-0x00000000009D0000-0x0000000000A10000-memory.dmp

    Filesize

    256KB

    Download

  • memory/836-58-0x0000000000330000-0x000000000033A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/836-59-0x0000000004F30000-0x0000000004F92000-memory.dmp

    Filesize

    392KB

    Download

  • memory/836-60-0x0000000002350000-0x0000000002378000-memory.dmp

    Filesize

    160KB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.