Analysis
max time kernel: 122s
max time network: 126s
platform: windows7_x64
resource: win7-20231020-en
resource tags: arch:x64, arch:x86, image:win7-20231020-en, locale:en-us, os:windows7-x64, system
submitted: 11/11/2023, 21:54
Static task
static1: 1 signatures
Behavioral task
behavioral1: 2 signatures, 150 seconds
Sample: 7d35bcf2f9e6ea15a22a9907663d49d7ec764b93e3d4ad23225acf6b51717f82.exe
Resource: win7-20231020-en
General
Target: 7d35bcf2f9e6ea15a22a9907663d49d7ec764b93e3d4ad23225acf6b51717f82.exe
Size: 2.3MB
MD5: 729fddc414274624bdd7850955e9d4d3
SHA1: 8f322fb7c3168b92a43828f944332e144e1967e4
SHA256: 7d35bcf2f9e6ea15a22a9907663d49d7ec764b93e3d4ad23225acf6b51717f82
SHA512: 1fddef904e7e1b4c5228aef655bbbb9fa4a890accbe41b941c9c0642348fe32814678ce29ebfcda769afd1e806ee5af09a611182a407c3ebf0c13d7996989f1e
SSDEEP: 49152:U1z3TQm/KXAXtDWRMmWFZeAbfBVGvya0S9icoLrNYMqFg3FDAV3rdJE3jM2ce:MEmIAilWbeAbfBVGvya0S4dYMqFaFDAn
Score: 1/10
Malware Config
Signatures
Suspicious use of AdjustPrivilegeToken (1 IoCs)
  description: Token: SeTakeOwnershipPrivilege
  pid: 1652
  Process: 7d35bcf2f9e6ea15a22a9907663d49d7ec764b93e3d4ad23225acf6b51717f82.exe
Suspicious use of SetWindowsHookEx (1 IoCs)
  pid: 1652
  Process: 7d35bcf2f9e6ea15a22a9907663d49d7ec764b93e3d4ad23225acf6b51717f82.exe
Processes
C:\Users\Admin\AppData\Local\Temp\7d35bcf2f9e6ea15a22a9907663d49d7ec764b93e3d4ad23225acf6b51717f82.exe
"C:\Users\Admin\AppData\Local\Temp\7d35bcf2f9e6ea15a22a9907663d49d7ec764b93e3d4ad23225acf6b51717f82.exe"
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of SetWindowsHookEx
  PID: 1652