Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
118s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
25/02/2024, 02:48
General
-
Target
949bc47770d75628e9890b4c3a58348a.exe
-
Size
479KB
-
MD5
949bc47770d75628e9890b4c3a58348a
-
SHA1
a702c82a2ec2e90a6fcbe18b846fc1ca4b675c34
-
SHA256
f7d3fdd54060e8ba9e444da46cc981c55193d8ed676c6374a84d408b7a789e4b
-
SHA512
56eda7cbe81ed260241d6da5f003e37ac1b991222b4146fabbd681147d364f14fd174a3e8cfc6ce1ce5818c8687420fdaf30ebde76edef40e40d06d069eb4925
-
SSDEEP
12288:bO4rfItL8HAHRGcOJSdgG30It/cRm975UO:bO4rQtGAH4DrG/co9VUO
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\949bc47770d75628e9890b4c3a58348a.exe"C:\Users\Admin\AppData\Local\Temp\949bc47770d75628e9890b4c3a58348a.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\586C.tmp"C:\Users\Admin\AppData\Local\Temp\586C.tmp" --helpC:\Users\Admin\AppData\Local\Temp\949bc47770d75628e9890b4c3a58348a.exe C155C59D8C247ED3ACA24F0DD913D96C0D02968B69EE34713ABB91D189BD4325AC19E35FB2DFC49B3FBA9D08493D37FAB5F1E24307E3803BD47A98613DE797A82⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
479KB
MD537845182cf23486724f4d28e6b5007a1
SHA1eb26213849b28966da6809f0a49c2d27f206689d
SHA25692e48f454ec9fc892e329e8247d9076eb71ddd51b80cebd37f070ff819c8ae17
SHA512e3fdb07420ba4507dcf3f869e97885f0b6debc4f2ddae85f84df5b53364e9ed1a17091d14b33db2f0e05b498fd617c527cee5b41434eb337c5c25d8c8b14baf9