Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

1fceedc6f1...6c.exe

windows7-x64

3

1fceedc6f1...6c.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    117s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    30/12/2023, 23:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1fceedc6f1cff86611a171685758bd6c.exe

  • Size

    388KB

  • MD5

    1fceedc6f1cff86611a171685758bd6c

  • SHA1

    00020ecfe2f1b38469cd03efef4c5ff7687d9f62

  • SHA256

    98dc90751e96eee4a80852e5d6bd7567a03ef046f96ed30a6ac9e0c5a879625b

  • SHA512

    fcd3bd54d9b410371196aa7ccfa0b37c0688184e07c5912eda4d687bc46a8bfa3bfc5d74184c84c2607a8b92aa1cd502750baf377acb4939e24c4397ac9a915f

  • SSDEEP

    3072:e2voeN+jaiG17Ef5KlrKnBZ59oZSmveDlcjIV8jlwIxU+V4EFFCcll3H3rH3XD7U:ZQeNai17Y56rKnBfWhveajzxwIxU

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1fceedc6f1cff86611a171685758bd6c.exe
    "C:\Users\Admin\AppData\Local\Temp\1fceedc6f1cff86611a171685758bd6c.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:688
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 688 -s 100
      2⤵
      • Program crash
      PID:2192

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads