Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

5

Static

static

3

7a07c03fe7...0d.exe

windows7-x64

5

7a07c03fe7...0d.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    119s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    26/12/2023, 15:47 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7a07c03fe7ffc9a5b6271b50ffff7a0d.exe

  • Size

    57KB

  • MD5

    7a07c03fe7ffc9a5b6271b50ffff7a0d

  • SHA1

    7d1c8c668f0a5dc8c1ae27f82d3f2f5e24a1c83b

  • SHA256

    79e58125575f22f1ac308706256ccbc097f4dffb195a8a043f486c5591e71d63

  • SHA512

    47b22e05f1817982ce087b4aed486b83b0e2425df5679e22dc709a99bcabde99edad670acca7e0540069371f23fe8602c59e000f173b37f80c50e5f583684c23

  • SSDEEP

    1536:cxYaZ+H31sbydP3zAn97yZ9Wpcp9pfbbcS0GjTY:cxYZibkA2+cJv9U

Score
5/10

Malware Config

Signatures

  • Suspicious use of SetThreadContext 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of WriteProcessMemory 10 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7a07c03fe7ffc9a5b6271b50ffff7a0d.exe
    "C:\Users\Admin\AppData\Local\Temp\7a07c03fe7ffc9a5b6271b50ffff7a0d.exe"
    1⤵
    • Suspicious use of SetThreadContext
    • Suspicious use of WriteProcessMemory
    PID:2212
    • C:\Users\Admin\AppData\Local\Temp\7a07c03fe7ffc9a5b6271b50ffff7a0d.exe
      "C:\Users\Admin\AppData\Local\Temp\7a07c03fe7ffc9a5b6271b50ffff7a0d.exe"
      2⤵
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious use of WriteProcessMemory
      PID:2516
  • C:\Windows\Explorer.EXE
    C:\Windows\Explorer.EXE
    1⤵
      PID:1196

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1196-4-0x000000007FFF0000-0x000000007FFF7000-memory.dmp

      Filesize

      28KB

      Download

    • memory/1196-7-0x000000007EFD0000-0x000000007EFD1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2516-0-0x000000007EFDE000-0x000000007EFDF000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2516-2-0x0000000000400000-0x0000000000409000-memory.dmp

      Filesize

      36KB

      Download

    • memory/2516-3-0x0000000010000000-0x0000000010013000-memory.dmp

      Filesize

      76KB

      Download

    • memory/2516-16-0x0000000000400000-0x0000000000409000-memory.dmp

      Filesize

      36KB

      Download

    • memory/2516-17-0x0000000010000000-0x0000000010013000-memory.dmp

      Filesize

      76KB

      Download

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.