Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

5d06a9f1cd...39.exe

windows7-x64

1

5d06a9f1cd...39.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    11s
  • max time network
    35s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    12/10/2023, 05:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5d06a9f1cdd16e1a386a4a1cf5416fd4fa0f20783e4f46c9b5226b3ae0087739.exe

  • Size

    489KB

  • MD5

    e9fcfb2631168d2b1348db93d37ec70e

  • SHA1

    2f3abb07cda8acc08625fffb3aa264a51f899f2c

  • SHA256

    5d06a9f1cdd16e1a386a4a1cf5416fd4fa0f20783e4f46c9b5226b3ae0087739

  • SHA512

    54dafd240dc6231e17d07bd4c631ba0f67690ca0e4ac9406e5777194664908c064a8977cf1184df997c32db261c752d862447c5aa85a61d894110501167558aa

  • SSDEEP

    3072:zdQ8eKk3obaoYtzyP6GoAZRhnyy3fosobC9ayy3fosobC9k2yiqyy3fGsob9Z2:zda4b5Y06yi

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5d06a9f1cdd16e1a386a4a1cf5416fd4fa0f20783e4f46c9b5226b3ae0087739.exe
    "C:\Users\Admin\AppData\Local\Temp\5d06a9f1cdd16e1a386a4a1cf5416fd4fa0f20783e4f46c9b5226b3ae0087739.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1816
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 1816 -s 696
      2⤵
        PID:2080

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1816-0-0x0000000001280000-0x0000000001300000-memory.dmp

      Filesize

      512KB

      Download

    • memory/1816-1-0x000007FEF5C20000-0x000007FEF660C000-memory.dmp

      Filesize

      9.9MB

      Download

    • memory/1816-2-0x000007FEF5C20000-0x000007FEF660C000-memory.dmp

      Filesize

      9.9MB

      Download