Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
122s -
max time network
126s -
platform
windows7_x64 -
resource
win7-20231023-en -
resource tags
-
submitted
28/11/2023, 07:45 UTC
General
-
Target
КикнадзеМД-bee2ed2e-межбанк.cms.req.7z
-
Size
1KB
-
MD5
1e42628fc9a790acc30864e2dd1399dc
-
SHA1
96266564c3a1cb0fc5f69d3699d3929b76363d88
-
SHA256
6dccfa9feef1ef8ce9073166fc57e1437d05d7e8ad0d594b021db4ee1cc6de4d
-
SHA512
7cf08b7a2f7a83fa2f746dad4a0f7371c97086e607b8faf6414444012d0282f30633966439f28861c8ec396d0d6d5e575f9328ed40937358a50e1b8be88241b5
Score
3/10
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Modifies registry class 9 IoCs
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 2 IoCs
-
Suspicious use of WriteProcessMemory 7 IoCs
Processes
-
C:\Windows\system32\cmd.execmd /c C:\Users\Admin\AppData\Local\Temp\КикнадзеМД-bee2ed2e-межбанк.cms.req.7z1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\system32\rundll32.exe"C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\КикнадзеМД-bee2ed2e-межбанк.cms.req.7z2⤵
- Modifies registry class
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\КикнадзеМД-bee2ed2e-межбанк.cms.req.7z"3⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
-
-
-
C:\Windows\explorer.exe"C:\Windows\explorer.exe"1⤵
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5922b31e59b557b8348e1ac00e46b2f1d
SHA1c4cb3b0cbd542fe227931b90cc5ed65c50e12cd1
SHA2561bb0ef42576a53a9d306310c120c83366a93bb5b15d6457575a7523db3be4244
SHA512c383e00dd1d2b95a9b3cd66edcdf018a11210264304c28d72fcf8f7b99453420d68a50ba6ec74c33fb07b657956f0f11df81c01887b44692a0eb4e6d5e11997e