Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

test.exe

windows7-x64

7

test.exe

windows10-2004-x64

7

test.ps1

windows7-x64

1

test.ps1

windows10-2004-x64

1

Resubmissions

18/03/2024, 21:13

240318-z2v4haab76 7

Analysis

  • max time kernel
    37s
  • max time network
    17s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    18/03/2024, 21:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    test.exe

  • Size

    16.0MB

  • MD5

    229cf7e44ac6fbf85ae8e87ca2067b13

  • SHA1

    7af8962eb7fab9f0621407875bed0b2779896c2f

  • SHA256

    96dc9f4ac4a760e58c552765ae678b581bd138fac8e257d6eee8c7372e9cf59c

  • SHA512

    9932fe9fa439f8e9edcefc80b472b4ac0a28457afc424b36da14d711e35004a6dbcf909c84cf323adbd540da658661f701ed7e4a3a1aa392912f3385e503dc59

  • SSDEEP

    393216:7/OL3/dzgf8BTq1+TtIiFHuvB5IjWqn6ed+EzT0yvhXUS+da:ypbBTq1QtIaS3ILn6edEyvl+da

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 7 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\test.exe
    "C:\Users\Admin\AppData\Local\Temp\test.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1720
    • C:\Users\Admin\AppData\Local\Temp\test.exe
      "C:\Users\Admin\AppData\Local\Temp\test.exe"
      2⤵
      • Loads dropped DLL
      PID:1960
  • C:\Windows\explorer.exe
    "C:\Windows\explorer.exe"
    1⤵
      PID:2832

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\_MEI17202\api-ms-win-core-file-l1-2-0.dll
      Filesize

      13KB

      MD5

      98ddac167649e1e964d67dec2e9f7c7d

      SHA1

      fb03d430be15f289e1650586e53d89108e6609e0

      SHA256

      dd041c2845c2cae9c0d88f994b406ee02810a0e2f5b21bda3d9a9898af4a6384

      SHA512

      aa6c8fd2db0c7a07d7fd9d50b177285f46d966366beb2e6056ffc3ca6a7af69fa2b09f052a4d691d6a7e3e3247805d88694ebe037293a11218f73fc06a272933

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\_MEI17202\api-ms-win-core-file-l2-1-0.dll
      Filesize

      13KB

      MD5

      93a9f0a0dd5dc5e6d20328929a7c913f

      SHA1

      2986eab27995aee32b38ef7599c1f01ffb03ecbb

      SHA256

      43ec563b4177c3874543c48b74e664e0a34c180e8796651842f826d848e68b13

      SHA512

      602ba8544e46e4b0ccd1316c55591c9abacadebad7b4e67432da8741829449e33935a2951476e36e91bde63a263a86fa9d11fb4b3d3930edbdbbc59ffdb53c13

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\_MEI17202\api-ms-win-core-localization-l1-2-0.dll
      Filesize

      15KB

      MD5

      538280fffd3eb0c08389d4d7a728feb1

      SHA1

      25562cd0be8ee8200a131c57b198c235689d650d

      SHA256

      dd64d7a9011f84b93543063ccb71f9eb677f99f2b1f65c0994b674f09a258beb

      SHA512

      ca95bfd5879a79d42a8dc7665547e1f88f7990074553354c5988028289656c2ba047bc6c485e8e638a6223584b72f2e7f27fd0fa514b80a8e6e6f6fa0e3e411a

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\_MEI17202\api-ms-win-core-processthreads-l1-1-1.dll
      Filesize

      13KB

      MD5

      61739b6e93eae28f06b31f8ad752cf4b

      SHA1

      9cc114ef5d7fe6739b2af8ac283e201c2461ce5b

      SHA256

      9f14e7add13989a5873622f10bc15fe858edd240b3e181e6ccd5074defc7e97b

      SHA512

      19c396600dd8706467898e75101d7dba5efb43853330655280c45b2ce69903a3d1efcb2571fd0c482eb851c12ea1890d8947813dc3e89467e40efc4866a0d1bd

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\_MEI17202\api-ms-win-core-timezone-l1-1-0.dll
      Filesize

      13KB

      MD5

      f886e1e8f537b60fd0f205d5787d058f

      SHA1

      f4c6bb05f4db350c34f2fd02fa1549494e756570

      SHA256

      1a52e59cd024cf8bfeb5b747c23395bf9e29e9631bf715ab0fbb07fe5d696045

      SHA512

      922619c949188caa4ee014ebd6ccd7c61a1ea7744fa40a7e7568b6c2bb3b476ca54d6d3e9e8b7174bcd3fa41d5c4583248e3511312e4138ff37dcf3139a64571

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\_MEI17202\python312.dll
      Filesize

      6.7MB

      MD5

      550288a078dffc3430c08da888e70810

      SHA1

      01b1d31f37fb3fd81d893cc5e4a258e976f5884f

      SHA256

      789a42ac160cef98f8925cb347473eeeb4e70f5513242e7faba5139ba06edf2d

      SHA512

      7244432fc3716f7ef27630d4e8fbc8180a2542aa97a01d44dca260ab43966dd8ac98b6023400b0478a4809aace1a128f1f4d6e544f2e591a5b436fd4c8a9d723

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\_MEI17202\ucrtbase.dll
      Filesize

      987KB

      MD5

      031e9924a7142a347412ae516ee7c369

      SHA1

      fb6d0c7df7dd2aa38736e10ea9b297fc35b8856b

      SHA256

      30836f7df28667d95881ab62efa7582a22ae855c07667b46abce5b17d0252c46

      SHA512

      a34807aca9f58b65c5c6837deca193926a60ec2219440d95584f80a92c48ad51ea357ccd5eb67f94984a71930d99dc68815fff0c8c90ebe597085cb2dfbcce4e

      Download Submit