Resubmissions

01/09/2023, 05:51

230901-gkbdnacg6t 5

01/09/2023, 05:47

230901-ghbawacg5y 5

Analysis

  • max time kernel
    142s
  • max time network
    147s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230831-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20230831-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    01/09/2023, 05:47

General

  • Target

    POTENTIALLY SUSPICIOUS SHIP DATE Aug 29 2023.msg

  • Size

    204KB

  • MD5

    379270fb269df472c2cf4a7f4e120244

  • SHA1

    0c87dd774f82e4f52a5c80b565ee2f0e97e109c6

  • SHA256

    1f47739cb2c5fab701bd783346bc0a1b9d9f862dd9bb5ed170df95296ede1d4f

  • SHA512

    87ce1904b6274822f181e49279d835da4ea684d250a0e7e978a5acf63880dffb9965cc135dd19a1cfbfe5e2e32137e9c8e0fc345c8836dc4a1132b7fe8b1981a

  • SSDEEP

    6144:ZtaTQWF2ok3u9mnPXHAriJdTf7l5iH2Kt4dl2x/E:ZgTQWF2ok3u9mnPXHoiJdTf7l5iHL

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\POTENTIALLY SUSPICIOUS SHIP DATE Aug 29 2023.msg"
    • Modifies registry class
    PID:1336
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:5092

Network

MITRE ATT&CK Enterprise v15
