Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

d610324969...a5.exe

windows7-x64

3

d610324969...a5.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    120s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    13/01/2024, 03:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d61032496960ee1236d91647968b9ea5.exe

  • Size

    127KB

  • MD5

    d61032496960ee1236d91647968b9ea5

  • SHA1

    26c60337b72573cd63365b12e1d4afccd5e1b9df

  • SHA256

    79e3dafb55e1c8fba43d162f11a62d053ab2fa4eb5ba61005167732fd742b335

  • SHA512

    35894e702679d40522e35965513cf4999910fb03820ccaa72ea4a0a2a0bf01ac388bfc68722c662af4f8ea693cb70a5c81126cb0ef120583175259ab125d7db6

  • SSDEEP

    3072:GpTV5C9Hl+6i+95EI999/l7CjSYgt6uKBB:VH8U95EBT7

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Checks processor information in registry 2 TTPs 2 IoCs

    Processor information is often read in order to detect sandboxing environments.

Processes

  • C:\Users\Admin\AppData\Local\Temp\d61032496960ee1236d91647968b9ea5.exe
    "C:\Users\Admin\AppData\Local\Temp\d61032496960ee1236d91647968b9ea5.exe"
    1⤵
    • Checks processor information in registry
    PID:2816

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2816-21-0x0000000000290000-0x0000000000291000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2816-199-0x0000000000290000-0x0000000000291000-memory.dmp

    Filesize

    4KB

    Download