Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

08f0b53dc7...a2.exe

windows7-x64

1

08f0b53dc7...a2.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    6s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    30/12/2023, 00:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    08f0b53dc7192fed34208175e5d953a2.exe

  • Size

    576KB

  • MD5

    08f0b53dc7192fed34208175e5d953a2

  • SHA1

    05adcda4a2534bf145138e3913a13eb4c5cdd219

  • SHA256

    063fecd8ee754e982ff7ce9ed83b7fe7382dd7c9f24ae3ab63dd2308117bacea

  • SHA512

    95ce41d572d622e4615dc76bdf618b5d948a7ce8453194149fb2b75cfcfd4b5c6cad57de3a33d4bb028549e55cf3762fccd41cabaee539fc9d53dccf4eece6d3

  • SSDEEP

    6144:4BCAAZBSZ4x6mnRCZkkFkIMakKbdWIz6CXkyh7liuxCq+zbc83Cbbbb2cThZzNgS:4BCg48mRYESLxqzN32bb2cXavA0T/eP1

Score
1/10

Malware Config

Signatures

  • Suspicious use of UnmapMainImage 3 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\08f0b53dc7192fed34208175e5d953a2.exe
    "C:\Users\Admin\AppData\Local\Temp\08f0b53dc7192fed34208175e5d953a2.exe"
    1⤵
    • Suspicious use of UnmapMainImage
    • Suspicious use of WriteProcessMemory
    PID:1232
    • C:\Users\Admin\AppData\Local\Temp\08f0b53dc7192fed34208175e5d953a2.exe
      watch
      2⤵
      • Suspicious use of UnmapMainImage
      PID:2716
    • C:\Users\Admin\AppData\Local\Temp\08f0b53dc7192fed34208175e5d953a2.exe
      start
      2⤵
      • Suspicious use of UnmapMainImage
      PID:2808

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1232-0-0x000000007EF90000-0x000000007EFAF000-memory.dmp

    Filesize

    124KB

    Download

  • memory/1232-2-0x0000000000400000-0x000000000048F000-memory.dmp

    Filesize

    572KB

    Download

  • memory/1232-1-0x0000000000400000-0x000000000048F000-memory.dmp

    Filesize

    572KB

    Download

  • memory/2716-4-0x0000000000400000-0x000000000048F000-memory.dmp

    Filesize

    572KB

    Download

  • memory/2716-6-0x0000000000400000-0x000000000048F000-memory.dmp

    Filesize

    572KB

    Download

  • memory/2808-3-0x0000000000400000-0x000000000048F000-memory.dmp

    Filesize

    572KB

    Download

  • memory/2808-5-0x0000000000400000-0x000000000048F000-memory.dmp

    Filesize

    572KB

    Download