Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

019fb19f19...ab.exe

windows7-x64

7

019fb19f19...ab.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    145s
  • max time network
    152s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    14/11/2023, 19:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    019fb19f194def75f942718737a1d691a9a2eee5f571429e9494a1feec3eecab.exe

  • Size

    2.6MB

  • MD5

    6174f1c61a30552b58e2e747d7815cd5

  • SHA1

    465ae65cc7a59d88ec5dc1109bf3be37349c92e2

  • SHA256

    019fb19f194def75f942718737a1d691a9a2eee5f571429e9494a1feec3eecab

  • SHA512

    7c27c4195af45156250103bdd9264c82606d4f22fb2b84c9c5bcdc5af66281d89c38f1b3cd5198db877294dd3e78c4af10644bb4495fad105e7022972f6fc2b3

  • SSDEEP

    49152:SqA6pDItQ7XxeZ0EW8W/ATyvcO4z1Pq3eAQm:SqFDEiAWvcOuPq3eAJ

Score
7/10
evasion

Malware Config

Signatures

  • Identifies Wine through registry keys 2 TTPs 3 IoCs

    Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.

    evasion
  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\019fb19f194def75f942718737a1d691a9a2eee5f571429e9494a1feec3eecab.exe
    "C:\Users\Admin\AppData\Local\Temp\019fb19f194def75f942718737a1d691a9a2eee5f571429e9494a1feec3eecab.exe"
    1⤵
    • Identifies Wine through registry keys
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:2248

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2248-0-0x0000000000400000-0x00000000006FE000-memory.dmp

    Filesize

    3.0MB

    Download

  • memory/2248-1-0x0000000000400000-0x00000000006FE000-memory.dmp

    Filesize

    3.0MB

    Download

  • memory/2248-2-0x0000000000400000-0x00000000006FE000-memory.dmp

    Filesize

    3.0MB

    Download

  • memory/2248-5-0x0000000000400000-0x00000000006FE000-memory.dmp

    Filesize

    3.0MB

    Download

  • memory/2248-9-0x0000000000400000-0x00000000006FE000-memory.dmp

    Filesize

    3.0MB

    Download

  • memory/2248-14-0x0000000000400000-0x00000000006FE000-memory.dmp

    Filesize

    3.0MB

    Download