Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
120s -
max time network
124s -
platform
windows7_x64 -
resource
win7-20231129-en -
resource tags
arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system -
submitted
13/01/2024, 03:29
Static task
static1
Behavioral task
behavioral1
Sample
d61032496960ee1236d91647968b9ea5.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
d61032496960ee1236d91647968b9ea5.exe
Resource
win10v2004-20231222-en
General
-
Target
d61032496960ee1236d91647968b9ea5.exe
-
Size
127KB
-
MD5
d61032496960ee1236d91647968b9ea5
-
SHA1
26c60337b72573cd63365b12e1d4afccd5e1b9df
-
SHA256
79e3dafb55e1c8fba43d162f11a62d053ab2fa4eb5ba61005167732fd742b335
-
SHA512
35894e702679d40522e35965513cf4999910fb03820ccaa72ea4a0a2a0bf01ac388bfc68722c662af4f8ea693cb70a5c81126cb0ef120583175259ab125d7db6
-
SSDEEP
3072:GpTV5C9Hl+6i+95EI999/l7CjSYgt6uKBB:VH8U95EBT7
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Checks processor information in registry 2 TTPs 2 IoCs
Processor information is often read in order to detect sandboxing environments.
description ioc Process Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz d61032496960ee1236d91647968b9ea5.exe Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 d61032496960ee1236d91647968b9ea5.exe