Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
119s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
25/02/2024, 03:50
General
-
Target
c8d6f1e7b6d1ee1c14c455e132597aba.exe
-
Size
412KB
-
MD5
c8d6f1e7b6d1ee1c14c455e132597aba
-
SHA1
010e95fa3cb1b248ae8196b41c6d01bf37803446
-
SHA256
59c7fb9866c5bc72599c78523715da9e3bda3ba6ea52542e956f6a34d06b2f15
-
SHA512
03f7058efa8914fd9acf5de847a8c5e4380b669532f1be77ee70b17c556e7ec0ebfbc5b169c5713610a7d11da052c8c6ab03d415a3075666e37f10cea199f86d
-
SSDEEP
12288:U6PCrIc9kph5XVmqhdtFN50GwrJDKIaSeDeGrI:U6QIcOh5Xvd32GxXr
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\c8d6f1e7b6d1ee1c14c455e132597aba.exe"C:\Users\Admin\AppData\Local\Temp\c8d6f1e7b6d1ee1c14c455e132597aba.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\49DC.tmp"C:\Users\Admin\AppData\Local\Temp\49DC.tmp" --pingC:\Users\Admin\AppData\Local\Temp\c8d6f1e7b6d1ee1c14c455e132597aba.exe 692A4392F54467C7E70BDEE56D830A648A4A92ED979A5C370E28D760BB8BB88A2AB31B1229B6B12D2F592246E7FB224629D7ABF7B716AE257600E5C1063A01F62⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
412KB
MD5999f00e9ced9f686665a79862c5212a5
SHA1b4f0e9d6867758697d6f18a13bd4710553948a5d
SHA256e486925ad8521decd6a6242401a0932ed19e9f7dec41ff952933b39bb133ac7e
SHA512e1e517e1a04878f915abc8b1d077762abd022c7fa50b4d6fa37bd9c53bca5746621a652087516c5cb2d9b4627c939158ad8266d50657e572a46be0b11646f113