Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

1

tmp.lnk

windows10-2004-x64

6

Analysis

  • max time kernel
    90s
  • max time network
    117s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    31/08/2023, 13:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    tmp.lnk

  • Size

    593B

  • MD5

    e878699662102dabaa0a7f8f23232465

  • SHA1

    3a886240aa584f932191db81f9be2e88f60825ee

  • SHA256

    d80d84ba07668b7c20c7c632301afac7c4e3e0fc309b05037c49ee440766cf28

  • SHA512

    1b79bfa92b137d3697e539a27a7ecda7cdde0a86703d7674a79b0fbe8228fd59c3380fdc72aa13c9001e52a622ebea8550cd59c79943d3c1942b3ec847d395d8

Score
6/10

Malware Config

Signatures

  • Enumerates connected drives 3 TTPs 23 IoCs

    Attempts to read the root path of hard drives other than the default C: drive.

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\tmp.lnk
    1⤵
    • Enumerates connected drives
    PID:4352
  • C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
    1⤵
      PID:1148

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads