Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

a075393594...fd.exe

windows7-x64

3

a075393594...fd.exe

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$TEMP/AnVir.exe

windows7-x64

3

$TEMP/AnVir.exe

windows10-2004-x64

3

AnVir.exe

windows7-x64

3

AnVir.exe

windows10-2004-x64

3

AnvirHook65.dll

windows7-x64

1

AnvirHook65.dll

windows10-2004-x64

1

CoreTemp.exe

windows7-x64

1

CoreTemp.exe

windows10-2004-x64

1

CoreTemp64.exe

windows7-x64

1

CoreTemp64.exe

windows10-2004-x64

1

ROIntegration.dll

windows7-x64

1

ROIntegration.dll

windows10-2004-x64

1

VirusTotalUpload.exe

windows7-x64

1

VirusTotalUpload.exe

windows10-2004-x64

1

reg-organi...up.exe

windows7-x64

7

reg-organi...up.exe

windows10-2004-x64

7

tweaker.exe

windows7-x64

7

tweaker.exe

windows10-2004-x64

7

usbhdd.exe

windows7-x64

7

usbhdd.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    93s
  • max time network
    95s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240221-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240221-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23/02/2024, 22:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    CoreTemp64.exe

  • Size

    461KB

  • MD5

    67a9ed3059cc0cf57cd183fa8a61e8c4

  • SHA1

    12b65bf20fde09d5fb618d94f36c251aee706b2e

  • SHA256

    33c90242e0c355ddfd7e7491967a465267e0546c8b5d12b5f313e0cb8fd56361

  • SHA512

    a606e4d644a8a6a45ec2e46a7b06e23f04a40bd04fa0610590538a4f55509cf9ed10cdb87d67ca5a9c5ad0a3a96935ed9e4ae2e7e2b6434a6d680bd6140f34a0

  • SSDEEP

    6144:lBOp8PJsqMEgPFE5diN+sw9XgEcv7gVpA6dgISMAZOa3b4k1ZImcLTFY08h2XCYX:Wwtsw9XhzpLhAzhcy08e6m

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: LoadsDriver 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\CoreTemp64.exe
    "C:\Users\Admin\AppData\Local\Temp\CoreTemp64.exe"
    1⤵
      PID:1556

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\ALSysIO64.sys
      Filesize

      17KB

      MD5

      5336fb23562d6bf5a92925bb0f57e26a

      SHA1

      1db73eecfa7020e38561beceb8aa8e806bcd5a17

      SHA256

      80fe7a4e2f681075e631a3de38551778fece6aa5e0ecd6e03a772a15744f6dff

      SHA512

      008729f1fd5e72eb1ec1765df201acf3d122b4204f8500b065395224052f90ba70fa541aaa46b7e1af455b8dadc9227c1c4fa6ee825beb69cd255bc66973f321

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\CoreTemp.ini
      Filesize

      803B

      MD5

      ebdb7459bf840bd2f365b5ac053254da

      SHA1

      1a74ae043c5720fd48c26b88d5961cc075b85338

      SHA256

      8bb66c4341ae44475300c9983854fc8ab5b6e1de56f26dcea0ca1b874245cd57

      SHA512

      362dc18e6a874861ff0de059e7f9a99b9bf4ce442e62a625c6aa7493859e797ada2e619743c9b7074f915758da37d52db5b458820f172383421841dcb400d24b

      Download Submit