Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
122s -
max time network
127s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
25/12/2023, 15:47
General
-
Target
2a8232f457d79d83a08dd75517b0bb03.exe
-
Size
20KB
-
MD5
2a8232f457d79d83a08dd75517b0bb03
-
SHA1
cb6ec4f67494fc3b94eb2ab13447317c71f62b6e
-
SHA256
c6e68c7d923126e0c344dc904fbbe24aab1ba86aabb83d83e711d6892cbe751c
-
SHA512
fc046bdaf1f726e21ec90cadfb6ffb8bc5acbfc4143c50d347516958502a30dde52daee7349f914e763a8e9b98fdde599080c5864b2c7d0f68ab00d9d5163efb
-
SSDEEP
192:e0PcnaRc43+IO8p+Z8Cnzk8zEORsVz8p0WDss2DtYB9OZag2:7EaR3uVzwV4p07s2m9Nx
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2a8232f457d79d83a08dd75517b0bb03.exe"C:\Users\Admin\AppData\Local\Temp\2a8232f457d79d83a08dd75517b0bb03.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\~DF47E9.tmpC:\Users\Admin\AppData\Local\Temp\~DF47E9.tmp PID:292 EXE:"C:\Users\Admin\AppData\Local\Temp\2a8232f457d79d83a08dd75517b0bb03.exe"2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
20KB
MD52a8232f457d79d83a08dd75517b0bb03
SHA1cb6ec4f67494fc3b94eb2ab13447317c71f62b6e
SHA256c6e68c7d923126e0c344dc904fbbe24aab1ba86aabb83d83e711d6892cbe751c
SHA512fc046bdaf1f726e21ec90cadfb6ffb8bc5acbfc4143c50d347516958502a30dde52daee7349f914e763a8e9b98fdde599080c5864b2c7d0f68ab00d9d5163efb