Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    1s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230831-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230831-enlocale:en-usos:windows10-2004-x64system
  • submitted
    02/09/2023, 04:20

General

  • Target

    851636185cdfd70b5df8aeb66a574c6fe3fbcbc31760ac531c7d9093df66ebce.exe

  • Size

    38KB

  • MD5

    6aa1875bdcf78282951a672c4a30ee2e

  • SHA1

    3637b4a67bf39ad9141ba4b0bdb7a52ad2f6527f

  • SHA256

    851636185cdfd70b5df8aeb66a574c6fe3fbcbc31760ac531c7d9093df66ebce

  • SHA512

    d2e73a53e4ad01543ce295f79790f962720ecfff97d461cccb7188d38a22ce39e6ed51901e50aed14750c8bbdf54f81f2200d07fb3d677832557b32f1b799e1f

  • SSDEEP

    384:+4brug5HKn/AwXzAIW637/w1wPhN74ByD215:/rR9I/zzAhuskhCByD

Malware Config

Extracted

Family

metasploit

Version

windows/exec

Signatures

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

Processes

  • C:\Users\Admin\AppData\Local\Temp\851636185cdfd70b5df8aeb66a574c6fe3fbcbc31760ac531c7d9093df66ebce.exe
    "C:\Users\Admin\AppData\Local\Temp\851636185cdfd70b5df8aeb66a574c6fe3fbcbc31760ac531c7d9093df66ebce.exe"
    1⤵
      PID:1776

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1776-0-0x0000000000400000-0x000000000041F000-memory.dmp

      Filesize

      124KB

    • memory/1776-1-0x0000000000400000-0x000000000041F000-memory.dmp

      Filesize

      124KB