Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
141s -
max time network
124s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
28/01/2024, 05:09
General
-
Target
7c3c4dba11f7ad2d331e296e891e37d4.exe
-
Size
359KB
-
MD5
7c3c4dba11f7ad2d331e296e891e37d4
-
SHA1
c2c14821531149b741ab120ef94d94e2509aa336
-
SHA256
39edfee7d8e308dfa08f9c4a2ee8ccba31bb306a4a3d2299791c3f5ba9c4c1d9
-
SHA512
358f59e90e5d9268e03e46f73ede3d17dac1b797dcd37304058bfba7edd589542ab14947f425aa9d02338e6a99065222ac200fff41b7d0444073f7fe2a0d755b
-
SSDEEP
6144:k+q9Lj0M7frQMU4SobPojsZn3kjv96Gq64/G+i75voDwlwTOKZ:shj0Kd1PoIk0xjPM5vQ
Score
8/10
Malware Config
Signatures
-
Disables taskbar notifications via registry modification
-
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Drops file in Windows directory 1 IoCs
-
Modifies registry class 20 IoCs
-
Suspicious behavior: EnumeratesProcesses 6 IoCs
-
Suspicious use of FindShellTrayWindow 4 IoCs
-
Suspicious use of SendNotifyMessage 1 IoCs
-
Suspicious use of SetWindowsHookEx 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\7c3c4dba11f7ad2d331e296e891e37d4.exe"C:\Users\Admin\AppData\Local\Temp\7c3c4dba11f7ad2d331e296e891e37d4.exe"1⤵
- Drops file in Windows directory
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
-
C:\Windows\system32\wbem\unsecapp.exeC:\Windows\system32\wbem\unsecapp.exe -Embedding1⤵
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
4KB
-
Filesize
372KB
-
Filesize
1.0MB
-
Filesize
372KB
-
Filesize
372KB
-
Filesize
372KB
-
Filesize
372KB
-
Filesize
372KB
-
Filesize
372KB
-
Filesize
372KB
-
Filesize
372KB
-
Filesize
372KB
-
Filesize
372KB
-
Filesize
372KB
-
Filesize
372KB
-
Filesize
372KB
-
Filesize
372KB
-
Filesize
372KB