Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

FluentIcon...on.dll

windows7-x64

1

FluentIcon...on.dll

windows10-2004-x64

1

FluentIcons.WPF.dll

windows7-x64

1

FluentIcons.WPF.dll

windows10-2004-x64

1

Wpf.Ui.dll

windows7-x64

1

Wpf.Ui.dll

windows10-2004-x64

1

fPoeSmoother.exe

windows7-x64

1

fPoeSmoother.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    119s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    19/02/2024, 20:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fPoeSmoother.exe

  • Size

    1.8MB

  • MD5

    e7bc4056ca01c223875c40eab01cb9d1

  • SHA1

    72b08a05e49a61d43165d72cd7ab072b5b7a99fd

  • SHA256

    0c932b2c67c0b3a5816fab7b66f622367caa33eddf110a4d6317a906aa5a8bd3

  • SHA512

    9878802b7edc04b7cbb12b3ce0cea12f75a57edca3b5b35ac8528a421e376028517c691be6cd903d44c2342e258a42a501270880af9d09e9252ae51c9d0ff3ad

  • SSDEEP

    49152:ahQONPdzpDMjY91n+Zs4ZLJzODe4keLPq/VCi1QOoTdRus:xUN+ei0f2fVkdks

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\fPoeSmoother.exe
    "C:\Users\Admin\AppData\Local\Temp\fPoeSmoother.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:2180

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2180-0-0x000000013F730000-0x000000013F902000-memory.dmp

    Filesize

    1.8MB

    Download

  • memory/2180-1-0x000007FEF5BD0000-0x000007FEF65BC000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2180-2-0x0000000000540000-0x0000000000544000-memory.dmp

    Filesize

    16KB

    Download

  • memory/2180-3-0x00000000025D0000-0x0000000002650000-memory.dmp

    Filesize

    512KB

    Download

  • memory/2180-4-0x000000001CA00000-0x000000001CCBA000-memory.dmp

    Filesize

    2.7MB

    Download

  • memory/2180-5-0x000000001CCC0000-0x000000001D180000-memory.dmp

    Filesize

    4.8MB

    Download

  • memory/2180-6-0x0000000000550000-0x0000000000554000-memory.dmp

    Filesize

    16KB

    Download

  • memory/2180-7-0x00000000025D0000-0x0000000002650000-memory.dmp

    Filesize

    512KB

    Download

  • memory/2180-8-0x0000000000800000-0x000000000080A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2180-9-0x000000001EDF0000-0x000000001EF38000-memory.dmp

    Filesize

    1.3MB

    Download

  • memory/2180-10-0x0000000000800000-0x0000000000824000-memory.dmp

    Filesize

    144KB

    Download

  • memory/2180-11-0x00000000009B0000-0x00000000009CA000-memory.dmp

    Filesize

    104KB

    Download

  • memory/2180-12-0x000007FEF5BD0000-0x000007FEF65BC000-memory.dmp

    Filesize

    9.9MB

    Download