Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

5

Static

static

3

27e192d1b8...bc.exe

windows7-x64

5

27e192d1b8...bc.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    31/12/2023, 04:19 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    27e192d1b8689d7a83c7282e196410bc.exe

  • Size

    408KB

  • MD5

    27e192d1b8689d7a83c7282e196410bc

  • SHA1

    2285a100a1b598cd538452994baa765cec3ae3d4

  • SHA256

    9afc08c1d0239012052fa257079be04b519651124ee3ecb51c564552fa85cabc

  • SHA512

    2b8b41cdcd12db01c313f6b76f3d561e7a40066b2cd70ff15badeb6634d8746f62a77924fbeca170efac48ae4c3ede7b9baca4114f3239b27ded2879ae496abe

  • SSDEEP

    12288:RAvFG3axzFHhmuXi2+Qf4pW4ZCpc1/xNIj:RAdMaxzFouXi2+6CMc1Mj

Score
5/10

Malware Config

Signatures

  • Suspicious use of SetThreadContext 1 IoCs
  • Modifies registry class 2 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\27e192d1b8689d7a83c7282e196410bc.exe
    "C:\Users\Admin\AppData\Local\Temp\27e192d1b8689d7a83c7282e196410bc.exe"
    1⤵
    • Suspicious use of SetThreadContext
    • Modifies registry class
    • Suspicious use of WriteProcessMemory
    PID:2436
    • C:\Users\Admin\AppData\Local\Temp\27e192d1b8689d7a83c7282e196410bc.exe
      C:\Users\Admin\AppData\Local\Temp\27e192d1b8689d7a83c7282e196410bc.exe
      2⤵
        PID:1936

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1936-1-0x0000000000400000-0x0000000000409000-memory.dmp

      Filesize

      36KB

      Download

    • memory/1936-3-0x0000000000400000-0x0000000000409000-memory.dmp

      Filesize

      36KB

      Download

    • memory/1936-5-0x0000000000400000-0x0000000000409000-memory.dmp

      Filesize

      36KB

      Download

    • memory/1936-8-0x0000000000400000-0x0000000000409000-memory.dmp

      Filesize

      36KB

      Download

    • memory/1936-9-0x000000007EFDE000-0x000000007EFDF000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1936-14-0x0000000000400000-0x0000000000409000-memory.dmp

      Filesize

      36KB

      Download

    • memory/1936-15-0x0000000000400000-0x0000000000409000-memory.dmp

      Filesize

      36KB

      Download

    • memory/1936-16-0x0000000000400000-0x0000000000409000-memory.dmp

      Filesize

      36KB

      Download

    • memory/1936-17-0x0000000010000000-0x0000000010013000-memory.dmp

      Filesize

      76KB

      Download

    • memory/2436-0-0x0000000000220000-0x0000000000221000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2436-12-0x0000000000400000-0x00000000004F6000-memory.dmp

      Filesize

      984KB

      Download

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.