Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

3

a231bd0e92...43.exe

windows7-x64

6

a231bd0e92...43.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    91s
  • max time network
    113s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240221-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240221-enlocale:en-usos:windows10-2004-x64system
  • submitted
    24/02/2024, 15:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a231bd0e927623961033bc5fe696a343.exe

  • Size

    389KB

  • MD5

    a231bd0e927623961033bc5fe696a343

  • SHA1

    30fdc6a417083e38c710f0212bfe64acf1b4f1ab

  • SHA256

    f382091338f2e332724c9c20772487d06bce86e00b1acc5e1684f4aeb91765af

  • SHA512

    0407aa8b9628758ac0c710372d55e25eea6e6bb2ad54eae914420843869c1cb8287216c31773d287a5da97cb888dfbe8db906ccf6a91b21d6a5abc240325d538

  • SSDEEP

    12288:u2YBuF6Kl/uAcihIxYB2qzC4wGO9HWpo34:u9BfC+ihIG2qzKhxqo34

Score
6/10
persistence

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a231bd0e927623961033bc5fe696a343.exe
    "C:\Users\Admin\AppData\Local\Temp\a231bd0e927623961033bc5fe696a343.exe"
    1⤵
    • Adds Run key to start application
    • Suspicious use of SetWindowsHookEx
    PID:3324

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3324-0-0x0000000000400000-0x0000000000463000-memory.dmp

    Filesize

    396KB

    Download

  • memory/3324-1-0x0000000000400000-0x0000000000463000-memory.dmp

    Filesize

    396KB

    Download

  • memory/3324-5-0x0000000000400000-0x0000000000463000-memory.dmp

    Filesize

    396KB

    Download

  • memory/3324-6-0x0000000000400000-0x0000000000463000-memory.dmp

    Filesize

    396KB

    Download