Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240215-en -
resource tags
-
submitted
24/02/2024, 06:09 UTC
General
-
Target
a124029e8318be23855a1868458d6380.exe
-
Size
100KB
-
MD5
a124029e8318be23855a1868458d6380
-
SHA1
765aa0c0ae575ba63eea2a43340b2ff5b92950ad
-
SHA256
16dcd002b4c8872bafd2151f92f550bcc2f49350370906ee3bc85fde351e0f2b
-
SHA512
e147a0bc2651bc32f665103d73413787e88df7aa0e5d9fcbfc48e3ffcbe2df3a59d1975dcfa25ec84c8100a7f97c96fe03e3ae02d6b4276eb04d3953e6092da9
-
SSDEEP
1536:2UTIOW/eGheFMyLo7EucDah6XpPF0PlXl0ShW/MW+EA310JD:2EIHhcMyLojIYPP0Dn+EA310JD
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Drops file in System32 directory 3 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\a124029e8318be23855a1868458d6380.exe"C:\Users\Admin\AppData\Local\Temp\a124029e8318be23855a1868458d6380.exe"1⤵
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of WriteProcessMemory
-
C:\WINDOWS\SysWOW64\YCWWCW.EXE"C:\WINDOWS\SYSTEM32\YCWWCW.EXE"2⤵
- Executes dropped EXE
- Drops file in System32 directory
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
100KB
MD5a124029e8318be23855a1868458d6380
SHA1765aa0c0ae575ba63eea2a43340b2ff5b92950ad
SHA25616dcd002b4c8872bafd2151f92f550bcc2f49350370906ee3bc85fde351e0f2b
SHA512e147a0bc2651bc32f665103d73413787e88df7aa0e5d9fcbfc48e3ffcbe2df3a59d1975dcfa25ec84c8100a7f97c96fe03e3ae02d6b4276eb04d3953e6092da9