Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

App.exe

windows7-x64

7

App.exe

windows10-2004-x64

7

Freemasonry (2).exe

windows7-x64

10

Freemasonry (2).exe

windows10-2004-x64

10

Freemasonry.exe

windows7-x64

3

Freemasonry.exe

windows10-2004-x64

7

NisSrv.exe

windows7-x64

10

NisSrv.exe

windows10-2004-x64

10

Presentati...he.exe

windows7-x64

1

Presentati...he.exe

windows10-2004-x64

10

SecurityHe...2).exe

windows7-x64

10

SecurityHe...2).exe

windows10-2004-x64

10

SessionService.exe

windows7-x64

10

SessionService.exe

windows10-2004-x64

10

SgrmBroker.exe

windows7-x64

10

SgrmBroker.exe

windows10-2004-x64

10

SocketHeciServer.exe

windows7-x64

10

SocketHeciServer.exe

windows10-2004-x64

10

cmd.exe

windows7-x64

10

cmd.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    0s
  • max time network
    17s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    04/02/2024, 09:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Freemasonry.exe

  • Size

    7KB

  • MD5

    eeb0f31878b07f58b2d4095392134dba

  • SHA1

    a1a8a59656d8a3e43dc10118138a2cfd6cd071a5

  • SHA256

    a66cb74d56e1b85a50416a7cc63180e94f4f556f96dd7bbb863cf17433b2cee2

  • SHA512

    fe95c4b94eec74cd83e40437e70bd472368bd63b14da8535367c813814c2c226f7edade9ab3e994332143b989186dd02eabf5c32fbaabb6b6faf6d63a33addc9

  • SSDEEP

    96:16Mt8AFKh9ibN42TgWv4rJsHV3mQgepEmkOzNt:Dt8AFKPYecgy49sHV3mQg3hI

Score
3/10

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\Freemasonry.exe
    "C:\Users\Admin\AppData\Local\Temp\Freemasonry.exe"
    1⤵
      PID:1052
      • C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
        "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -WindowStyle Hidden -Command Add-MpPreference -ExclusionPath 'C:\'
        2⤵
          PID:2500

      Network

      MITRE ATT&CK Enterprise v15

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/1052-0-0x00000000009C0000-0x00000000009C8000-memory.dmp

        Filesize

        32KB

        Download

      • memory/1052-1-0x0000000074270000-0x000000007495E000-memory.dmp

        Filesize

        6.9MB

        Download

      • memory/1052-2-0x0000000074270000-0x000000007495E000-memory.dmp

        Filesize

        6.9MB

        Download

      • memory/2500-5-0x0000000073160000-0x000000007370B000-memory.dmp

        Filesize

        5.7MB

        Download

      • memory/2500-9-0x0000000002CE0000-0x0000000002D20000-memory.dmp

        Filesize

        256KB

        Download

      • memory/2500-8-0x0000000002CE0000-0x0000000002D20000-memory.dmp

        Filesize

        256KB

        Download

      • memory/2500-7-0x0000000002CE0000-0x0000000002D20000-memory.dmp

        Filesize

        256KB

        Download

      • memory/2500-6-0x0000000073160000-0x000000007370B000-memory.dmp

        Filesize

        5.7MB

        Download

      • memory/2500-10-0x0000000073160000-0x000000007370B000-memory.dmp

        Filesize

        5.7MB

        Download