Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
132s -
max time network
140s -
platform
windows7_x64 -
resource
win7-20231023-en -
resource tags
-
submitted
07/11/2023, 14:50
General
-
Target
Activator/ConsoleAct_2.3.exe
-
Size
856KB
-
MD5
e5b2c576f778dbfd501d7b3dc29d1c89
-
SHA1
0d7a583ace8a0c598dde33b0b4fc8c3b74111fbd
-
SHA256
3bb2533f9465a9c3e8e0c4491a194fe139aefb0c75e91537fb2b1b59e66ec43a
-
SHA512
dfbbff1cdef6412a448a4ea63796c3e09dc25bbbb163a9c1da38342478c2c31f2b7e4f6b184fb52b841c0540b859f871b3e3001bf8132fc6fcd81f6f57911aab
-
SSDEEP
24576:nJr6ro7aR6pqUxfop9228fRrcoH3y/+3fT92:nJrb7aYYUx02227y/+PTU
Malware Config
Signatures
-
Loads dropped DLL 1 IoCs
-
UPX packed file 3 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\Activator\ConsoleAct_2.3.exe"C:\Users\Admin\AppData\Local\Temp\Activator\ConsoleAct_2.3.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\System32\cmd.exe"C:\Windows\System32\cmd.exe" /c copy C:\Windows\System32\Tasks\ConsoleAct "C:\Users\Admin\AppData\Local\Temp\ConsoleAct.tmp" /Y 2>&12⤵
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
856KB
MD5e5b2c576f778dbfd501d7b3dc29d1c89
SHA10d7a583ace8a0c598dde33b0b4fc8c3b74111fbd
SHA2563bb2533f9465a9c3e8e0c4491a194fe139aefb0c75e91537fb2b1b59e66ec43a
SHA512dfbbff1cdef6412a448a4ea63796c3e09dc25bbbb163a9c1da38342478c2c31f2b7e4f6b184fb52b841c0540b859f871b3e3001bf8132fc6fcd81f6f57911aab
-
Filesize
1.9MB
-
Filesize
1.9MB