Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

DriverSuit...in.exe

windows7-x64

10

DriverSuit...in.exe

windows10-2004-x64

10

SIack_Desk_v3-271.exe

windows7-x64

7

SIack_Desk_v3-271.exe

windows10-2004-x64

7

rev_3286/A...me.xml

windows7-x64

1

rev_3286/A...me.xml

windows10-2004-x64

3

rev_3286/A...gs.xml

windows7-x64

1

rev_3286/A...gs.xml

windows10-2004-x64

3

rev_3286/E...ng.xml

windows7-x64

1

rev_3286/E...ng.xml

windows10-2004-x64

3

rev_3286/E...ot.xml

windows7-x64

1

rev_3286/E...ot.xml

windows10-2004-x64

3

rev_3286/FileSys.xml

windows7-x64

1

rev_3286/FileSys.xml

windows10-2004-x64

3

rev_3286/SkyDrive.xml

windows7-x64

1

rev_3286/SkyDrive.xml

windows10-2004-x64

3

rev_3286/WinCal.xml

windows7-x64

1

rev_3286/WinCal.xml

windows10-2004-x64

3

rev_3286/W...in.xml

windows7-x64

1

rev_3286/W...in.xml

windows10-2004-x64

3

rev_3286/inetres.xml

windows7-x64

1

rev_3286/inetres.xml

windows10-2004-x64

3

rev_3286/msched.xml

windows7-x64

1

rev_3286/msched.xml

windows10-2004-x64

3

rev_3286/s...ce.xml

windows7-x64

1

rev_3286/s...ce.xml

windows10-2004-x64

3

rev_3286/s...ms.xml

windows7-x64

1

rev_3286/s...ms.xml

windows10-2004-x64

3

rev_3286/s...at.xml

windows7-x64

1

rev_3286/s...at.xml

windows10-2004-x64

3

rev_3286/s...me.xml

windows7-x64

1

rev_3286/s...me.xml

windows10-2004-x64

3

Analysis

  • max time kernel
    125s
  • max time network
    174s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23/07/2023, 01:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    rev_3286/WinCal.xml

  • Size

    1KB

  • MD5

    bede56a7aef6b3db49ab7d2eb3f2870a

  • SHA1

    bc18289b953a8ac6c0c8e519f72e6adee933ff98

  • SHA256

    1fc29fc668043aa03ffeb2d61868d3369479c3cef2c4725d162cf5344dcbdcfa

  • SHA512

    2bde0a5f1983b08379c262f86aadf8635834674981faf7feb3ebc39b12ece95b21203be82fde2fe88f6a662836374a7ac3d6fb8057d5273923259b3af206a3a6

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs

Processes

  • C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE
    "C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE" /verb open "C:\Users\Admin\AppData\Local\Temp\rev_3286\WinCal.xml"
    1⤵
      PID:4888
      • C:\Windows\system32\WerFault.exe
        C:\Windows\system32\WerFault.exe -u -p 4888 -s 448
        2⤵
        • Program crash
        PID:5044
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -pss -s 408 -p 4888 -ip 4888
      1⤵
        PID:4976

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/4888-134-0x00007FFA8C0F0000-0x00007FFA8C2E5000-memory.dmp

        Filesize

        2.0MB

        Download

      • memory/4888-133-0x00007FFA4C170000-0x00007FFA4C180000-memory.dmp

        Filesize

        64KB

        Download

      • memory/4888-135-0x00007FFA8C0F0000-0x00007FFA8C2E5000-memory.dmp

        Filesize

        2.0MB

        Download

      • memory/4888-136-0x00007FFA8C0F0000-0x00007FFA8C2E5000-memory.dmp

        Filesize

        2.0MB

        Download

      • memory/4888-137-0x00007FFA8C0F0000-0x00007FFA8C2E5000-memory.dmp

        Filesize

        2.0MB

        Download

      • memory/4888-138-0x00007FFA4C170000-0x00007FFA4C180000-memory.dmp

        Filesize

        64KB

        Download

      • memory/4888-139-0x00007FFA8C0F0000-0x00007FFA8C2E5000-memory.dmp

        Filesize

        2.0MB

        Download

      • memory/4888-140-0x00007FFA898A0000-0x00007FFA89B69000-memory.dmp

        Filesize

        2.8MB

        Download