Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

m.vmp.exe

windows7-x64

5

m.vmp.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    120s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    13/07/2023, 16:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    m.vmp.exe

  • Size

    12.8MB

  • MD5

    9143eea9d3b98c66eea0624b95e399f5

  • SHA1

    e136b1aff73539ea13cf1b9abf23f996c9ac93f7

  • SHA256

    ab563cdc5365564bf2fb9cfcc24d555b1d7503b72b76284249e87c7fe0d29701

  • SHA512

    954cf0584bbb4ffd09be7518ec7aa0edba8d46147a089b5042dceb6478fa3406ccdadb7d8fbeb293e70d82b6fa988fa0546b90a8fbcb0ab10fee10337ac546f0

  • SSDEEP

    196608:2UA0BKIOC3XXSpeloS4Bm4EUtOzSiCg9nMRK4Hq9FOJ2JZ7kQE9cwKdc:2+XnXSpZS4RtOznMRK4IJp1uJ

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\m.vmp.exe
    "C:\Users\Admin\AppData\Local\Temp\m.vmp.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious behavior: EnumeratesProcesses
    PID:2896

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2896-54-0x000000013F680000-0x0000000140BBF000-memory.dmp

    Filesize

    21.2MB

    Download

  • memory/2896-55-0x0000000077940000-0x0000000077942000-memory.dmp

    Filesize

    8KB

    Download

  • memory/2896-57-0x0000000077940000-0x0000000077942000-memory.dmp

    Filesize

    8KB

    Download

  • memory/2896-60-0x0000000077790000-0x0000000077939000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/2896-59-0x0000000077940000-0x0000000077942000-memory.dmp

    Filesize

    8KB

    Download

  • memory/2896-61-0x0000000077970000-0x0000000077972000-memory.dmp

    Filesize

    8KB

    Download

  • memory/2896-63-0x0000000077970000-0x0000000077972000-memory.dmp

    Filesize

    8KB

    Download

  • memory/2896-65-0x0000000077970000-0x0000000077972000-memory.dmp

    Filesize

    8KB

    Download

  • memory/2896-66-0x000000013F680000-0x0000000140BBF000-memory.dmp

    Filesize

    21.2MB

    Download

  • memory/2896-70-0x000000013F680000-0x0000000140BBF000-memory.dmp

    Filesize

    21.2MB

    Download

  • memory/2896-71-0x0000000077790000-0x0000000077939000-memory.dmp

    Filesize

    1.7MB

    Download