Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

8faa2bb0ec...f0.exe

windows7-x64

1

8faa2bb0ec...f0.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    142s
  • max time network
    147s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    04/08/2023, 13:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8faa2bb0ecdb43272081ac682f124c8b83b30551b6cd87fcc396606792e90df0.exe

  • Size

    6.1MB

  • MD5

    78a40c39310b63090c7b831de79b4b42

  • SHA1

    9a01c5678e1cedc96edb9fc1af4ad48232d7e600

  • SHA256

    8faa2bb0ecdb43272081ac682f124c8b83b30551b6cd87fcc396606792e90df0

  • SHA512

    54147d7972a3d95ebfd9139b926609aa86d9d8baa97b55eb15aa56f92d79af78d759e5f0fae1dea732430dc5ec8f22f3ab2ee5ffa91cec387a14a13b235fb622

  • SSDEEP

    98304:+29Z71nqlscCqTGMgtDHjiFKuKz29dNmZRDzpS2unwsoJoB:+KqnMtuWpVEb

Score
3/10

Malware Config

Signatures

  • Program crash 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8faa2bb0ecdb43272081ac682f124c8b83b30551b6cd87fcc396606792e90df0.exe
    "C:\Users\Admin\AppData\Local\Temp\8faa2bb0ecdb43272081ac682f124c8b83b30551b6cd87fcc396606792e90df0.exe"
    1⤵
      PID:4328
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 4328 -s 932
        2⤵
        • Program crash
        PID:4772
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 4328 -s 968
        2⤵
        • Program crash
        PID:3008
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 4328 -s 140
        2⤵
        • Program crash
        PID:3992
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 424 -p 4328 -ip 4328
      1⤵
        PID:4344
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -pss -s 184 -p 4328 -ip 4328
        1⤵
          PID:4256
        • C:\Windows\SysWOW64\WerFault.exe
          C:\Windows\SysWOW64\WerFault.exe -pss -s 444 -p 4328 -ip 4328
          1⤵
            PID:4392

          Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • memory/4328-133-0x0000000000400000-0x0000000001816000-memory.dmp

            Filesize

            20.1MB

            Download

          • memory/4328-134-0x0000000000400000-0x0000000001816000-memory.dmp

            Filesize

            20.1MB

            Download

          • memory/4328-135-0x0000000000400000-0x0000000001816000-memory.dmp

            Filesize

            20.1MB

            Download

          • memory/4328-136-0x00000000044B0000-0x00000000044B1000-memory.dmp

            Filesize

            4KB

            Download

          • memory/4328-138-0x0000000000400000-0x0000000001816000-memory.dmp

            Filesize

            20.1MB

            Download