Analysis
-
max time kernel
120s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system -
submitted
24/12/2023, 21:23
Behavioral task
behavioral1
Sample
main.exe
Resource
win7-20231215-en
General
-
Target
main.exe
-
Size
11.7MB
-
MD5
4b493a0327eea41a468ec32685eeba25
-
SHA1
036bcbf9e1d777c68962ce3e6ff24fbe4acb03d6
-
SHA256
82322372016b1c70f411ad0835fccf2a2a4cc10d34ec62dc52c0ae216ced4158
-
SHA512
c8efae56ada521327b80c09a9cbf84604886ba999904c48d2e0318278e4a60357834f7ec2b3b41189dc85024101c7d7e5b6d713b151d75571bf4fc4b38ca9d8c
-
SSDEEP
196608:+rD4RGdMjEznvLjv+bhqNVoB6Ck5c7GpNlI41J2mJLVk9ntlRbvOXiWCU0:hUdMjOjL+9qz86Ck+7q3D1Jq1bmXiWCU
Signatures
-
Loads dropped DLL 1 IoCs
pid | Process
2572 | main.exe
-
resource | yara_rule
behavioral1/files/0x000500000001960e-71.dat | upx
behavioral1/files/0x000500000001960e-72.dat | upx
-
Suspicious use of WriteProcessMemory 3 IoCs
description | pid | Process | procid_target
PID 3012 wrote to memory of 2572 | 3012 | main.exe | 28
PID 3012 wrote to memory of 2572 | 3012 | main.exe | 28
PID 3012 wrote to memory of 2572 | 3012 | main.exe | 28
Downloads
-
Filesize
267KB
-
Filesize
92KB