Analysis

  • max time kernel
    142s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    01/02/2024, 02:01

General

  • Target

    85a2e8b031052691aba3256a82bc4eab.exe

  • Size

    8KB

  • MD5

    85a2e8b031052691aba3256a82bc4eab

  • SHA1

    0781146ae4a9a2b826ab4f0ca7b6e940ccdc2e26

  • SHA256

    91458a459b5d3b70f7fbf38506d16114d30c55851991a5dc7837e394a8b3f1e5

  • SHA512

    91f30f3f34733683cee2e74a0ce62502a294bf8e7503deb6b0ffe4328a2ad04e4e4d0aa2b85058e944a96b50f8e83bd93ca4bc697a48e2bc88cec8cc9ad1e8bc

  • SSDEEP

    192:AeWvuWvAPZodl6STyRcQJCKb2R1GY5X7h8B4LUSZ7vegQg6l:AeWvuWvAPZo76NRtrKNZ7h88U07vLQgc

Score
4/10

Malware Config

Signatures

  • Drops file in Program Files directory 3 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\85a2e8b031052691aba3256a82bc4eab.exe
    "C:\Users\Admin\AppData\Local\Temp\85a2e8b031052691aba3256a82bc4eab.exe"
    • Drops file in Program Files directory
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:1944

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U9VC31Q9\q[1].htm

    Filesize

    34B

    MD5

    e810047182af18c69834d89aef3cbbad

    SHA1

    b2324598e603b6aed2b191c50eacb5ecb9b81744

    SHA256

    5f3ae942fa25dae8fea11bfe5a7dd6f1b41ecbc71a2256e7f0299221c300dca7

    SHA512

    97684327d460831be382f81b0c1d9f42013f3125c846482582f920af9b213d9749fc91735179840f11feb68bf7e42dd37a9c54509acaf8488826cafd6eed634d

  • memory/1944-4-0x0000000000400000-0x000000000040B000-memory.dmp

    Filesize

    44KB