Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

5d16c6f986...e9.exe

windows7-x64

3

5d16c6f986...e9.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    84s
  • max time network
    41s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    26/12/2023, 07:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5d16c6f9860895a9c98e1ca957e26be9.exe

  • Size

    41KB

  • MD5

    5d16c6f9860895a9c98e1ca957e26be9

  • SHA1

    ea004e50fa79678fb628715a7d4c41a0ceeb39df

  • SHA256

    a2102aacaf84053088d4560a45fd4918d331b92e73c6a199521fdb1187c47c8e

  • SHA512

    2f90f0ff9de6342ea13be0be1b4fe22db9ef5e049a61643415e3966621c0242384e9fa47a3458b7148b26153826f94749258dfb348322349b02b302d9515f1c0

  • SSDEEP

    768:bx6fpsRFyGHj54JJ+L9qbApaJQAs9LBGRIy7PFJ92RVfMw6aHkUhJSIpJQgeldr+:KpBGDCuqZep9g37PP92TfMw5PDSYJQJO

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5d16c6f9860895a9c98e1ca957e26be9.exe
    "C:\Users\Admin\AppData\Local\Temp\5d16c6f9860895a9c98e1ca957e26be9.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2992
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 2992 -s 44
      2⤵
      • Program crash
      PID:2984

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads