Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

处理材料/6.exe

windows7-x64

3

处理材料/6.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    119s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    16/08/2023, 09:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    处理材料/6.exe

  • Size

    805KB

  • MD5

    79a72d509cf678f8a9597862dfed29ab

  • SHA1

    c0a76aa26afa412248ba0528165e5a89df7c1c62

  • SHA256

    27c6371c3e13d821aa0094536b65887faf9d06f0993ad83175f91b1bf89d32ad

  • SHA512

    cbec117a9f32a77b0a6f29d72a2275fa53f81caa91d3ea1bbbc8584537911b88282f4600be4c83d32a2edb805c9057cc211e3e98a8aa3b5f1eea85612f6b6a8c

  • SSDEEP

    12288:gpQfW2/Rsn/Uvf+PQzxhbPkQayP2K8yI6Dr9t++VV43Q/7FpRIze:ED2pFvgixh7B+Kk6Drpy3Q/Ke

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\处理材料\6.exe
    "C:\Users\Admin\AppData\Local\Temp\处理材料\6.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:2084

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2084-54-0x0000000000400000-0x00000000005BB000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/2084-55-0x0000000000230000-0x0000000000233000-memory.dmp

    Filesize

    12KB

    Download

  • memory/2084-56-0x0000000000400000-0x00000000005BB000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/2084-57-0x0000000000230000-0x0000000000233000-memory.dmp

    Filesize

    12KB

    Download