Analysis

  • max time kernel
    140s
  • max time network
    139s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    13/01/2024, 07:23

General

  • Target

    5852f7ce48d71ae25c9df370ba409f28.exe

  • Size

    674KB

  • MD5

    5852f7ce48d71ae25c9df370ba409f28

  • SHA1

    714be1ff141a384fee0dcbbe2704c13117be5dde

  • SHA256

    39d98f0ac8af77f1e9e0a612b2abe9ff08ae50d25eba9f152ad4211fb334d09c

  • SHA512

    64e93776fd126097dbded2142e760a15e126b8b6679a5f1e6fabc3a18c4e679b73d6dae3cc50fb0d3fe2ca2b944f192c3403f334d751ec6bdb58fe50635c4943

  • SSDEEP

    12288:r4RIuUexGHGUjRMFW9G6nMsdkisY9gq/WAfvPwmr0RMNr7LiHVNMWO:r4SuUmQGUqWbnxX9gIfHwRMh72MWO

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5852f7ce48d71ae25c9df370ba409f28.exe
    "C:\Users\Admin\AppData\Local\Temp\5852f7ce48d71ae25c9df370ba409f28.exe"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1248

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1248-0-0x0000000000400000-0x0000000000578000-memory.dmp

    Filesize

    1.5MB

  • memory/1248-1-0x0000000000230000-0x0000000000231000-memory.dmp

    Filesize

    4KB

  • memory/1248-5-0x0000000000400000-0x0000000000578000-memory.dmp

    Filesize

    1.5MB

  • memory/1248-7-0x0000000000230000-0x0000000000231000-memory.dmp

    Filesize

    4KB