Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
142s -
max time network
156s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
24/12/2023, 16:37
General
-
Target
061f66655f84183309086ef53cc550a0.exe
-
Size
2.9MB
-
MD5
061f66655f84183309086ef53cc550a0
-
SHA1
a21d234a4cba052ca07031b2c54d32534ba8b4c6
-
SHA256
ea0ce25852df4220c1187a712a97e2d64c5652f599c07f71bd1eefc51a6b6eb8
-
SHA512
aceffe4b35222885d228c3bd09c266ed56205db686a29536f728b4717f83e2eb88d656048b9601f39e6abcb1095b11592fbe2b103ee704dccfc8b564c6b86b5e
-
SSDEEP
49152:OIAM4Mnk7/NMSEimHD5gs0mGv0k+JclgJoN5q9aqx0r:OPM4Om/+SE/1czp+JQgJoN5Qx0r
Score
3/10
Malware Config
Signatures
-
Program crash 3 IoCs
-
Suspicious behavior: EnumeratesProcesses 6 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\061f66655f84183309086ef53cc550a0.exe"C:\Users\Admin\AppData\Local\Temp\061f66655f84183309086ef53cc550a0.exe"1⤵
- Suspicious behavior: EnumeratesProcesses
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 1208 -s 9482⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 1208 -s 9682⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 1208 -s 9722⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 420 -p 1208 -ip 12081⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 512 -p 1208 -ip 12081⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 464 -p 1208 -ip 12081⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
15.0MB
-
Filesize
15.0MB
-
Filesize
15.0MB
-
Filesize
15.0MB
-
Filesize
15.0MB
-
Filesize
15.0MB
-
Filesize
15.0MB
-
Filesize
15.0MB