Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
140s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
14/01/2024, 03:07
General
-
Target
5a1d7de251f58482bcf542104a379940.exe
-
Size
88KB
-
MD5
5a1d7de251f58482bcf542104a379940
-
SHA1
6c74f79aeed4d974d5787c31da0567ea7756c21a
-
SHA256
ae76bfb733249289dd40c0d12d7c82397a372d21d7925f0082236973effe9a1a
-
SHA512
0fdec12357a2c1f15df42881920e52c8422f82f6a487a634ea825ec535a40d76f6f7c08f15848072fee7c0f2eac81cbf6fe61ce6467c6ecbe898154f1e112d28
-
SSDEEP
1536:WzbuB5BMDs7uPEQh7IDFZ92wGiZVLD+0WdpSlHmhYkm3JjVCPKsBcno7A:zBMQ8EQE92/i95WvSsBuVCtsiA
Score
7/10
Malware Config
Signatures
-
UPX packed file 2 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Program crash 1 IoCs
-
Suspicious use of SetWindowsHookEx 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\5a1d7de251f58482bcf542104a379940.exe"C:\Users\Admin\AppData\Local\Temp\5a1d7de251f58482bcf542104a379940.exe"1⤵
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 1384 -s 1882⤵
- Program crash
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
584KB
-
Filesize
584KB