Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

5

Static

static

3

7d5f04601c...54.exe

windows7-x64

5

7d5f04601c...54.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    93s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28/01/2024, 15:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7d5f04601c30d697a6925cd57f536454.exe

  • Size

    166KB

  • MD5

    7d5f04601c30d697a6925cd57f536454

  • SHA1

    a67e76027dff46f42f4b20ba931ddf9ba78f5829

  • SHA256

    4a3615b5ab91a5a7e052c0b0c2a1c104a142444fd4d26d712817e993714df34f

  • SHA512

    614fcbf32201ee588ba85f55c024345af2cec874b69b32f05f7c5f379b5c48da6bd9d3d4af6c60425e4812df3c5077d84f0637ff0896a9a9ad2ff763c50c0b97

  • SSDEEP

    3072:7xUFD7b/y8nfoxW8u85PW0ot2Z93Pprz7el59RHdtyHrrLtPF:7AljuPySPpyl5rHdQjtd

Score
5/10

Malware Config

Signatures

  • Suspicious use of SetThreadContext 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 3 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of WriteProcessMemory 9 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7d5f04601c30d697a6925cd57f536454.exe
    "C:\Users\Admin\AppData\Local\Temp\7d5f04601c30d697a6925cd57f536454.exe"
    1⤵
    • Suspicious use of SetThreadContext
    • Suspicious use of WriteProcessMemory
    PID:2280
    • C:\Users\Admin\AppData\Local\Temp\7d5f04601c30d697a6925cd57f536454.exe
      "C:\Users\Admin\AppData\Local\Temp\7d5f04601c30d697a6925cd57f536454.exe"
      2⤵
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious use of AdjustPrivilegeToken
      PID:952

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/952-3-0x0000000000400000-0x000000000044F000-memory.dmp

    Filesize

    316KB

    Download

  • memory/952-6-0x0000000000400000-0x000000000044F000-memory.dmp

    Filesize

    316KB

    Download

  • memory/952-7-0x0000000000400000-0x000000000044F000-memory.dmp

    Filesize

    316KB

    Download

  • memory/952-8-0x0000000000710000-0x000000000075F000-memory.dmp

    Filesize

    316KB

    Download

  • memory/952-10-0x0000000000400000-0x000000000044F000-memory.dmp

    Filesize

    316KB

    Download

  • memory/2280-0-0x0000000000400000-0x0000000000423000-memory.dmp

    Filesize

    140KB

    Download

  • memory/2280-2-0x0000000002170000-0x0000000002178000-memory.dmp

    Filesize

    32KB

    Download

  • memory/2280-1-0x0000000002170000-0x0000000002178000-memory.dmp

    Filesize

    32KB

    Download

  • memory/2280-4-0x0000000000400000-0x0000000000423000-memory.dmp

    Filesize

    140KB

    Download