Analysis

  • max time kernel
    118s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    25/12/2023, 23:18

General

  • Target

    42b9fe327780a76b70407e45cbbbdb19.exe

  • Size

    3.0MB

  • MD5

    42b9fe327780a76b70407e45cbbbdb19

  • SHA1

    ef87faa47bf565e5595534d8b221d308aea7c37c

  • SHA256

    5090d2d1f83f3a8fefddd7b33729fe4720e52325caf95b52d3e91cd4f04c1d68

  • SHA512

    05ab6189a177434632fa98e884809aaa7d3ceba87854b8fe8621189243320b58bc98dc4b941a6566d22b0cf48eb4871ce9fdd5bb4d4913cf2a8780d42d3cda7a

  • SSDEEP

    49152:ljASnaO45SChj0IFeeI/hks47+aIObgdKot:lEIQeeI/R4iavbGt

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTPs, 1 IoCs)
  • Suspicious use of FindShellTrayWindow (2 IoCs)
  • Suspicious use of SendNotifyMessage (2 IoCs)
  • Suspicious use of SetWindowsHookEx (2 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\42b9fe327780a76b70407e45cbbbdb19.exe
    "C:\Users\Admin\AppData\Local\Temp\42b9fe327780a76b70407e45cbbbdb19.exe"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:2056

Network

MITRE ATT&CK Enterprise v15

Downloads

  • memory/2056-0-0x0000000000230000-0x0000000000231000-memory.dmp

    Filesize

    4KB

  • memory/2056-5-0x0000000000400000-0x0000000000702000-memory.dmp

    Filesize

    3.0MB

  • memory/2056-6-0x0000000000400000-0x0000000000702000-memory.dmp

    Filesize

    3.0MB