Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

5040a27a03...34.exe

windows7-x64

1

5040a27a03...34.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    140s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    10/01/2024, 09:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5040a27a033e833cf463e6756c0c6134.exe

  • Size

    108KB

  • MD5

    5040a27a033e833cf463e6756c0c6134

  • SHA1

    514c167b1d9ca81c1079ab64c27ba393cc808973

  • SHA256

    85ffcdf2e89048bf83d8530c6edd152b759012c95481aee0f1b3bd3898a72a1e

  • SHA512

    ddb26899f3995e83110b9afe08505e27ce22f2e428d9036e20c7e1f5ececa24dba2acbc9bace778c66b4982f281859ae66f3d8b94667018dba97fe9dbeaa1592

  • SSDEEP

    1536:+RSO6MfF+9FXiZCar9FE9PWRKD+xuUMt+LB6FFkufly7GKK9Bv6dY:+M59FXice9ORWRxxY+LUoEly7GKK9IW

Score
1/10

Malware Config

Signatures

  • NTFS ADS 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5040a27a033e833cf463e6756c0c6134.exe
    "C:\Users\Admin\AppData\Local\Temp\5040a27a033e833cf463e6756c0c6134.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2932
    • C:\Windows\system32\cmd.exe
      "cmd"
      2⤵
      • NTFS ADS
      PID:1708

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2932-1-0x0000000002010000-0x0000000002090000-memory.dmp

    Filesize

    512KB

    Download

  • memory/2932-2-0x000007FEF60C0000-0x000007FEF6A5D000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/2932-0-0x000007FEF60C0000-0x000007FEF6A5D000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/2932-3-0x0000000002010000-0x0000000002090000-memory.dmp

    Filesize

    512KB

    Download

  • memory/2932-6-0x0000000002010000-0x0000000002090000-memory.dmp

    Filesize

    512KB

    Download

  • memory/2932-5-0x000007FEF60C0000-0x000007FEF6A5D000-memory.dmp

    Filesize

    9.6MB

    Download