Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
118s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
15/03/2024, 03:59
General
-
Target
f1e6815d23cc4fcaf707a81c991a7a59.exe
-
Size
443KB
-
MD5
f1e6815d23cc4fcaf707a81c991a7a59
-
SHA1
39f73f0685e2fb4ba64ba486148e757465c774b2
-
SHA256
bcaf9a08b990741acc1a728da624e76abc21fbf01c2cf65ed2723f85b8de8b4f
-
SHA512
8b361a9ff64694e28e9974d58ed0e05763230fbd4f7ba171c6b7b642bf117d60cbe27b56b4709e631062840cc2ee99e6a85118445094669f4c86d4e603d37e0c
-
SSDEEP
12288:Wq4w/ekieZgU6rtqMNHgU7o1PW3IqdlMa:Wq4w/ekieH6THd9dP
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\f1e6815d23cc4fcaf707a81c991a7a59.exe"C:\Users\Admin\AppData\Local\Temp\f1e6815d23cc4fcaf707a81c991a7a59.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\57D0.tmp"C:\Users\Admin\AppData\Local\Temp\57D0.tmp" --helpC:\Users\Admin\AppData\Local\Temp\f1e6815d23cc4fcaf707a81c991a7a59.exe 15D6FE94A7BFC419974181AA353C3E769C5AECEA00A17F63DC67D4ABE49C9AC3B8242F96033ECC4D7364038DFB532934E7D681C9BD4A83C747F029EC57B02F242⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
443KB
MD530b0b5d330e97875cf305c00f5e2e60f
SHA17f73d158a2035dab495473a18566cb4983c22b2d
SHA25667b5d595352b36dd6375096fea1b6cbd3b10c2dfb1e4b147fcc2d8a300928c55
SHA51259dc4931d6c1cedacb6a8985d4683cd7c325f8300a892a4e6d724bad792173156af440dca5e26253e8b49899f9d53e46c146ce2ee213ae54cccf527c6039beb2