Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
127s -
max time network
33s -
platform
windows7_x64 -
resource
win7-20230220-en -
resource tags
arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system -
submitted
14/06/2023, 13:03
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
winrar64.exe
Resource
win7-20230220-en
3 signatures
150 seconds
Behavioral task
behavioral2
Sample
winrar64.exe
Resource
win10v2004-20230220-en
1 signatures
150 seconds
General
-
Target
winrar64.exe
-
Size
2.2MB
-
MD5
ece5dca87d315ada4404d82be660c934
-
SHA1
0b3bb3eae7be9ed184f2f5c627f8047ae6cec68c
-
SHA256
11a7dfe7553f163c7ac7fb20ef264253218f9c163bb971888d60ab9b5b4e60cb
-
SHA512
b2f9232912ef9bd7151e10ba5920e7a9a93ccc86b10fdc1904833fe2395836dfe07e07099a4649b07f8fc75fe7604662b08fa83694d2ae47d12862b00f2b5ea8
-
SSDEEP
49152:z1mqsk5P83kcteiVh7o1QnOKkR35M/o96Bj/ZhaPSp:zpPgoi81Q4R30ogp/jaPSp
Score
1/10
Malware Config
Signatures
-
description ioc Process Key created \REGISTRY\USER\S-1-5-21-2961826002-3968192592-354541192-1000\Software\Microsoft\Internet Explorer\Main winrar64.exe -
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 1340 winrar64.exe -
Suspicious use of SetWindowsHookEx 2 IoCs
pid Process 1340 winrar64.exe 1340 winrar64.exe