Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
131s -
max time network
33s -
platform
windows7_x64 -
resource
win7-20230703-en -
resource tags
-
submitted
10/07/2023, 07:11
General
-
Target
f6d022437e3ebab46604ace297d22ef6.exe
-
Size
816KB
-
MD5
f6d022437e3ebab46604ace297d22ef6
-
SHA1
e768334e9e09c862f690d97a312e284e0de03cb1
-
SHA256
1f3550afc182c66a51c5d40bcafd4713f9b8552afbb52347185d98418d8c1549
-
SHA512
88b2ba4d5795270e2a964a06e0513bdd7b4739475de7c4259ac4a1b781d28754f03454d835a4523b9d41940ad7afbaebc803063887ed69fea450a1340202c15d
-
SSDEEP
12288:300zh1YnARzVrGgJoowTfehf/lHG6LbO35QPIwuYmmJ/9zaxmx86:39YARzVpWW7hPfbzaxmx8
Score
10/10
Malware Config
Signatures
-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage 1 IoCs
-
Program crash 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\f6d022437e3ebab46604ace297d22ef6.exe"C:\Users\Admin\AppData\Local\Temp\f6d022437e3ebab46604ace297d22ef6.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 2308 -s 6882⤵
- Program crash
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
208KB
-
Filesize
4KB
-
Filesize
840KB