Analysis
max time kernel: 134s
max time network: 39s
platform: windows7_x64
resource: win7-20231215-en
resource tags: arch:x64 arch:x86 image:win7-20231215-en locale:en-us os:windows7-x64 system
submitted: 02/01/2024, 18:43
Behavioral task: behavioral1
Sample: fenetre.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: fenetre.exe
Resource: win10v2004-20231215-en
General
Target: fenetre.exe
Size: 13.5MB
Signatures
Loads dropped DLL (1 IoCs)
pid | Process
2280 | fenetre.exe
Suspicious use of WriteProcessMemory (3 IoCs)
description | pid | Process | procid_target
PID 2588 wrote to memory of 2280 | 2588 | fenetre.exe | 30
PID 2588 wrote to memory of 2280 | 2588 | fenetre.exe | 30
PID 2588 wrote to memory of 2280 | 2588 | fenetre.exe | 30