Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
140s -
max time network
139s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system -
submitted
13/01/2024, 07:23
Behavioral task
behavioral1
Sample
5852f7ce48d71ae25c9df370ba409f28.exe
Resource
win7-20231215-en
3 signatures
150 seconds
Behavioral task
behavioral2
Sample
5852f7ce48d71ae25c9df370ba409f28.exe
Resource
win10v2004-20231222-en
2 signatures
150 seconds
General
-
Target
5852f7ce48d71ae25c9df370ba409f28.exe
-
Size
674KB
-
MD5
5852f7ce48d71ae25c9df370ba409f28
-
SHA1
714be1ff141a384fee0dcbbe2704c13117be5dde
-
SHA256
39d98f0ac8af77f1e9e0a612b2abe9ff08ae50d25eba9f152ad4211fb334d09c
-
SHA512
64e93776fd126097dbded2142e760a15e126b8b6679a5f1e6fabc3a18c4e679b73d6dae3cc50fb0d3fe2ca2b944f192c3403f334d751ec6bdb58fe50635c4943
-
SSDEEP
12288:r4RIuUexGHGUjRMFW9G6nMsdkisY9gq/WAfvPwmr0RMNr7LiHVNMWO:r4SuUmQGUqWbnxX9gIfHwRMh72MWO
Score
7/10
Malware Config
Signatures
-
resource yara_rule behavioral1/memory/1248-0-0x0000000000400000-0x0000000000578000-memory.dmp upx behavioral1/memory/1248-5-0x0000000000400000-0x0000000000578000-memory.dmp upx -
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 1248 5852f7ce48d71ae25c9df370ba409f28.exe -
Suspicious use of SetWindowsHookEx 1 IoCs
pid Process 1248 5852f7ce48d71ae25c9df370ba409f28.exe