Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
122s -
max time network
126s -
platform
windows7_x64 -
resource
win7-20230712-en -
resource tags
-
submitted
23/08/2023, 23:31
General
-
Target
VoiceAI-was-rar.zip
-
Size
18.8MB
-
MD5
57cf1f2f4a758142c0b469f83141b499
-
SHA1
cb5bdfd3eace4bbee04d0f6f51a43010620050ae
-
SHA256
bab718975278b881b632c4359f90f93185302a79935f0be578f212ab4e7c3d6a
-
SHA512
0c6f49300cda56cb4eed89845c653a5832d3e71bbc422ddcdf3d8be0ccfc200bde227af76164b3c71edef005d400244a6117a4e3ff61fe1ce4795c8edcbfc21c
-
SSDEEP
393216:sEUmlE5zSteK210N1QRiZrpjP0n+feQ0F1i/zStey0uR6/wER:s/8UjuIiBZ0nh14/z60u63R
Malware Config
Signatures
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Windows\Explorer.exeC:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\VoiceAI-was-rar.zip1⤵
-
C:\Windows\explorer.exe"C:\Windows\explorer.exe"1⤵
-
C:\Users\Admin\Documents\VoiceAI-was-rar\VoiceAiSetup.exe"C:\Users\Admin\Documents\VoiceAI-was-rar\VoiceAiSetup.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\Documents\VoiceAI-was-rar\VoiceAiSetup.exe"C:\Users\Admin\Documents\VoiceAI-was-rar\VoiceAiSetup.exe"2⤵
- Loads dropped DLL
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
5.5MB
MD5e2bd5ae53427f193b42d64b8e9bf1943
SHA17c317aad8e2b24c08d3b8b3fba16dd537411727f
SHA256c4844b05e3a936b130adedb854d3c04d49ee54edb43e9d36f8c4ae94ccb78400
SHA512ae23a6707e539c619fd5c5b4fc6e4734edc91f89ebe024d25ff2a70168da6105ac0bd47cf6bf3715af6411963caf0acbb4632464e1619ca6361abf53adfe7036
-
Filesize
5.5MB
MD5e2bd5ae53427f193b42d64b8e9bf1943
SHA17c317aad8e2b24c08d3b8b3fba16dd537411727f
SHA256c4844b05e3a936b130adedb854d3c04d49ee54edb43e9d36f8c4ae94ccb78400
SHA512ae23a6707e539c619fd5c5b4fc6e4734edc91f89ebe024d25ff2a70168da6105ac0bd47cf6bf3715af6411963caf0acbb4632464e1619ca6361abf53adfe7036