Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

1

81c2ef74de...78.exe

windows7-x64

6

81c2ef74de...78.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    127s
  • max time network
    138s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    24/08/2023, 07:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    81c2ef74de1b200a66937794dcc41e7987e6607f7f5411169257a5edd3838a78.exe

  • Size

    316KB

  • MD5

    b24fa06cea4f1f948cff4bf4957c7cad

  • SHA1

    2c97238a807da33e913fcb9ae7a0b86828429e0c

  • SHA256

    81c2ef74de1b200a66937794dcc41e7987e6607f7f5411169257a5edd3838a78

  • SHA512

    33d54ef68b856b65544b55f3846a764e5e7406fad5c50f24d3f23180e23f31184fec3aad6cfd0072ee092881da20794fe8dd0dc7232978e5fdc5545437672aa4

  • SSDEEP

    1536:ZNLIGsdtktdi+jzaPx48i2K8i2r8i2h8i248i2X8i258i2u8i268i2:Z0tktdi+GxuF8mXMu1t

Score
3/10

Malware Config

Signatures

  • Program crash 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\81c2ef74de1b200a66937794dcc41e7987e6607f7f5411169257a5edd3838a78.exe
    "C:\Users\Admin\AppData\Local\Temp\81c2ef74de1b200a66937794dcc41e7987e6607f7f5411169257a5edd3838a78.exe"
    1⤵
      PID:1820
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 1820 -s 240
        2⤵
        • Program crash
        PID:5076
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 1820 -s 260
        2⤵
        • Program crash
        PID:3252
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 420 -p 1820 -ip 1820
      1⤵
        PID:4240
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -pss -s 532 -p 1820 -ip 1820
        1⤵
          PID:2288

        Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/1820-0-0x0000000000720000-0x0000000000771258-memory.dmp

          Filesize

          324KB

          Download

        • memory/1820-1-0x0000000000720000-0x0000000000771258-memory.dmp

          Filesize

          324KB

          Download