Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

3a1c9c8fcd...c1.exe

windows7-x64

1

3a1c9c8fcd...c1.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    31/12/2023, 14:40 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3a1c9c8fcde74660b0e9c85eb9e803c1.exe

  • Size

    9KB

  • MD5

    3a1c9c8fcde74660b0e9c85eb9e803c1

  • SHA1

    0e7f9b7f609a5c4f2ad9249b65684f4ce85f00ab

  • SHA256

    2802e829ceb8f30a8ee038582c372935d527e645dbc09386229d712b3c40547d

  • SHA512

    d382b4587d85e58a74e96924c8bfe7481bacdf0082d568d2c513ad70b7340b97eb93d77e7d1851d412c4d179bd240cba4b1717f7300f7b7e97d3137397dbf349

  • SSDEEP

    192:bBksuvPY82gQv5F42tMeMZZ3N93VnjdwCzCk3HZJWO:N82l42tMeMPFnhwC+kXZJW

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3a1c9c8fcde74660b0e9c85eb9e803c1.exe
    "C:\Users\Admin\AppData\Local\Temp\3a1c9c8fcde74660b0e9c85eb9e803c1.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:2032
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 2032 -s 896
      2⤵
        PID:2684

    Network

      No results found
    • 194.87.145.184:6484
      3a1c9c8fcde74660b0e9c85eb9e803c1.exe
      152 B
       3
    No results found

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2032-0-0x00000000011E0000-0x00000000011E8000-memory.dmp

      Filesize

      32KB

      Download

    • memory/2032-1-0x000007FEF5560000-0x000007FEF5F4C000-memory.dmp

      Filesize

      9.9MB

      Download

    • memory/2032-2-0x0000000000B90000-0x0000000000C10000-memory.dmp

      Filesize

      512KB

      Download

    • memory/2032-3-0x000007FEF5560000-0x000007FEF5F4C000-memory.dmp

      Filesize

      9.9MB

      Download

    • memory/2032-4-0x0000000000B90000-0x0000000000C10000-memory.dmp

      Filesize

      512KB

      Download

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.