Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

4e71c0eb90...01.exe

windows7-x64

1

4e71c0eb90...01.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    0s
  • max time network
    2s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    12/12/2023, 11:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4e71c0eb909b58239ff9a12e3abbed336c126e61ffb24e052ad68b4b6863ee01.exe

  • Size

    2.4MB

  • MD5

    59f79fe64de3c9562ea00c7e41f65d85

  • SHA1

    f93f2bec00acde7beb74bd02ff74a164ce7c7b9e

  • SHA256

    4e71c0eb909b58239ff9a12e3abbed336c126e61ffb24e052ad68b4b6863ee01

  • SHA512

    c562e59b5e953b05b21cb95b57f7364834ed155ad12a52dc10faf2da2e69f851c2425b05fb547de4e6098cb6655ff741025c989627b482d22e9127ac52d83100

  • SSDEEP

    49152:mrX4ppAYG3aZCwHUA1k3XKL73AxUCQLRWqJ8BaXKL73AxUCQLRWqJ8B:mT4ppAY/Ck+qL73x7sqJIDL73x7sqJI

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\4e71c0eb909b58239ff9a12e3abbed336c126e61ffb24e052ad68b4b6863ee01.exe
    "C:\Users\Admin\AppData\Local\Temp\4e71c0eb909b58239ff9a12e3abbed336c126e61ffb24e052ad68b4b6863ee01.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:1912
    • C:\Users\Admin\AppData\Local\Temp\csrss1.exe
      C:\Users\Admin\AppData\Local\Temp\csrss1.exe
      2⤵
        PID:2288

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\csrss1.exe
      Filesize

      19KB

      MD5

      df33ad0ba94865d66edffca1844b0769

      SHA1

      0566ff537f9478eda6cf9747ac2e219433b5c47c

      SHA256

      72d80fc67e68a5f1502428c0ff2a4ea1f4b635b3f8fa6ee372ba840ca2cf9622

      SHA512

      7f4e18ccdec5a943451ff6ec9b37c079fc824b77effb2e2b4674e1be3b4e0f0936b9afd2970bb12199ba4b75fb1ab8683f2252d1ad9860c79715667892833fe2

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\csrss1.exe
      Filesize

      54KB

      MD5

      19d209423f7aace623676dcd7fee0508

      SHA1

      e948941a164a4c48fdaceaa1a3252961979177da

      SHA256

      c72891104305b6e3e360d0fdc155a5d9815b891a6c191bbe6351d63507bfb80d

      SHA512

      ac53c38a4af7b5063cd356b20f17d1f8ac67cd8704f7546c856d1c8dc349acc693e8fade509b48e2832bd3bf45b70e619165131f6b797d76ba764defa5ed3711

      Download Submit

    • memory/1912-0-0x0000000000400000-0x00000000005C7000-memory.dmp

      Filesize

      1.8MB

      Download