Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

5

Static

static

1

ab9bc1f473...f5.exe

windows7-x64

5

ab9bc1f473...f5.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    142s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    28/02/2024, 09:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ab9bc1f4736be834f5b2d11fbd1455f5.exe

  • Size

    739KB

  • MD5

    ab9bc1f4736be834f5b2d11fbd1455f5

  • SHA1

    42c0e1402d23afbdbdc89c08f9ba8096d0dc3e22

  • SHA256

    23a38b36e62cd6133e6b52be8bd28e68f8a41ead41f4cffe8dac7ed190806233

  • SHA512

    4c7396b2bfb2cafd5e91164fcf0fbadb7656cbdffb8947860401556594e46006f3cd969d1a6ddf231d79f798466947dcfadab6ca9d5b17a311283562af8a4867

  • SSDEEP

    12288:JFy44kHzp1zBWmuKyKn/zh9fe0qYrB3bU0S:Jh4kHzvuAXfYy3bU0S

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ab9bc1f4736be834f5b2d11fbd1455f5.exe
    "C:\Users\Admin\AppData\Local\Temp\ab9bc1f4736be834f5b2d11fbd1455f5.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious behavior: EnumeratesProcesses
    PID:1876

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1876-1-0x0000000000400000-0x00000000004BD000-memory.dmp

    Filesize

    756KB

    Download

  • memory/1876-0-0x0000000000400000-0x00000000004BD000-memory.dmp

    Filesize

    756KB

    Download

  • memory/1876-2-0x0000000000400000-0x00000000004BD000-memory.dmp

    Filesize

    756KB

    Download

  • memory/1876-3-0x0000000000230000-0x0000000000231000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1876-4-0x0000000000400000-0x00000000004BD000-memory.dmp

    Filesize

    756KB

    Download

  • memory/1876-5-0x0000000000370000-0x0000000000371000-memory.dmp

    Filesize

    4KB

    Download