Analysis

  • max time kernel
    118s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    20/04/2024, 08:48

General

  • Target

    Discord-Account-Creator-main/avatars/avatar_1.jpg

  • Size

    18KB

  • MD5

    3f008e3367426993e757095d9370a29d

  • SHA1

    10d1339b27dcb8a183662ebcabf1ad68e83ae4db

  • SHA256

    d158cdf160288f42baa3318d121a3d10ee0c3f40380a7c0a565878caf37031ec

  • SHA512

    74aebc62882468ac63f62ed467344d452d1bd39fc3d8c9de279c612b7396ff63fa2881ba83335a06ca3bf608ef7407850854fdfd6e0b7bb22403031834d71779

  • SSDEEP

    384:b2FUIDSzev6qBuGXo/pojWg7SjYxGErBW6Jm9gxOt10J4dsRH:b4UjivxEGXTjW86jErYzE4dsRH

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of FindShellTrayWindow 1 IoCs

Processes

  • C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe "C:\Program Files\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen C:\Users\Admin\AppData\Local\Temp\Discord-Account-Creator-main\avatars\avatar_1.jpg
    • Suspicious use of FindShellTrayWindow
    PID:3068

Network

MITRE ATT&CK Enterprise v15

Downloads

  • memory/3068-0-0x0000000000310000-0x0000000000311000-memory.dmp

    Filesize

    4KB

  • memory/3068-1-0x0000000000310000-0x0000000000311000-memory.dmp

    Filesize

    4KB