Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    122s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    25/12/2023, 00:04

General

  • Target

    1b8dd9ef1122d9d2eb12ad5321d76a98.exe

  • Size

    284KB

  • MD5

    1b8dd9ef1122d9d2eb12ad5321d76a98

  • SHA1

    d407f81c8b1ab477a1ec63d2b828bf5fcb723508

  • SHA256

    293c1ade7452ca7ce505702ce799b7d0355f15dd860f67531e38a7a8de3ac36a

  • SHA512

    de29c79f4490716f158f8ec0bcf67f4851a23aff45a2c193787376bb02d2041182737c958ea810fc1150853fc824169f4dd6e5b6289c4b6963c507abb56de15e

  • SSDEEP

    3072:uA1ehl/69NcG3QAP6MmsCXHldHjEcCWQLwBVYvr:uDl/UcQPkFFjGWbyr

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1b8dd9ef1122d9d2eb12ad5321d76a98.exe
    "C:\Users\Admin\AppData\Local\Temp\1b8dd9ef1122d9d2eb12ad5321d76a98.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2028
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 2028 -s 120
      2⤵
      • Program crash
      PID:2016

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2028-0-0x0000000000400000-0x000000000045B000-memory.dmp

    Filesize

    364KB