Analysis

  • max time kernel
    119s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231020-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/12/2023, 08:17

General

  • Target

    b0a7ee2970198062cad703d72e51a4194eb0b8264f1b12516e610d44157a4389.exe

  • Size

    25KB

  • MD5

    bd3bdacb272d3fbc93c3219458e07a2c

  • SHA1

    0439fbc94ec1dadcf44c83ea38f6f08d4d322e8f

  • SHA256

    b0a7ee2970198062cad703d72e51a4194eb0b8264f1b12516e610d44157a4389

  • SHA512

    8f79e12a8c89f919b7a40cdbbcd12b975b3e08b074075cc9c2619576e89fbefa9333fd49c81d759e3d31a87358388eb36959e57db1462bdd93d5a1828f71a455

  • SSDEEP

    384:HlMx3bEKnzM6hp44vlrnetdGlBcDFkchMKtxCYSIDYL/MRpvwowq6uje2Owq6ujy:KbEgM6hlvoKlytxCYSmJ

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\b0a7ee2970198062cad703d72e51a4194eb0b8264f1b12516e610d44157a4389.exe
    "C:\Users\Admin\AppData\Local\Temp\b0a7ee2970198062cad703d72e51a4194eb0b8264f1b12516e610d44157a4389.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2116
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 2116 -s 532
      2⤵
        PID:1712

    Network

    MITRE ATT&CK Matrix

    Downloads

    • memory/2116-0-0x0000000000AB0000-0x0000000000ABC000-memory.dmp

      Filesize

      48KB

    • memory/2116-1-0x000007FEF5C70000-0x000007FEF665C000-memory.dmp

      Filesize

      9.9MB

    • memory/2116-2-0x000007FEF5C70000-0x000007FEF665C000-memory.dmp

      Filesize

      9.9MB