Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
118s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
21/04/2024, 20:11
General
-
Target
2f929139cea2679d31f402a5d362becdbae476be9d0049851bc5eb8b6664e2f0.exe
-
Size
668KB
-
MD5
aa92ad095229171fc1b4209798ff4d1c
-
SHA1
3d1715c146d3b5d57f583eebb91a964242b7cc0d
-
SHA256
2f929139cea2679d31f402a5d362becdbae476be9d0049851bc5eb8b6664e2f0
-
SHA512
c815529b71762a9f3c95e577d602a0d39ae0e8aa640fac058e4f4be50104a5198c31679ad92263b9e367e71bb3c9a702850621da8e9bac9cc588515688237ec7
-
SSDEEP
12288:UWBm+95nHfF2mgewFx5zPooWlU1kfgjdkAZgewF:UWBz95ndbgfx5LUgjTZgf
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2f929139cea2679d31f402a5d362becdbae476be9d0049851bc5eb8b6664e2f0.exe"C:\Users\Admin\AppData\Local\Temp\2f929139cea2679d31f402a5d362becdbae476be9d0049851bc5eb8b6664e2f0.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\2424.tmp"C:\Users\Admin\AppData\Local\Temp\2424.tmp" --pingC:\Users\Admin\AppData\Local\Temp\2f929139cea2679d31f402a5d362becdbae476be9d0049851bc5eb8b6664e2f0.exe DFC282AFA51EB457A9BF88DB8FD805A02766954A2B4E6B327D45F7D604FF8535EA0D9FA8B99499AE6C898C78B239B9090339506875D94E664234EC4A31E0C69E2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
668KB
MD5067de7c6a9354740c7b0effceb08d3a5
SHA1996692b6ec3d4f3ac1e23cd23c85d64b070e8f62
SHA256cf26d72c66c878e5f23155313466ff4abee633a5e4a323e7e2958c818d80f4b5
SHA5128399d7927b1ac1969de4eea259ae8dc2a78ad1a93041a4edba69bd9fc647c4ede40bd2c812850693f913410161e54b051c80cb9793b40c13afa77c412d87eb33
-
Filesize
728KB
-
Filesize
728KB
-
Filesize
728KB
-
Filesize
728KB
-
Filesize
728KB