Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

t.exe

windows7-x64

7

t.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    26/04/2024, 05:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    t.exe

  • Size

    5.2MB

  • MD5

    25bcb5469cce5dbf227a2dd29b380e4a

  • SHA1

    4cd5e76a78bdfdcd5a7f641de55cab3d3bc75858

  • SHA256

    54c971819ecc21be14e4912f0c67e34b683169d11ea9a53512767f428721f971

  • SHA512

    f01c190e3ebbe0173f3b6f07fda9f346b7b98a148f80bd3bad64fca160c2f27851569323a5221a2f60eddcdf1855387e4805285ad2e2de63dfafcc70fe8226f9

  • SSDEEP

    98304:ins8EBDbyXnSuICDtPfeE/jo6KzA0xZRdp3zi5u5D41fopr26/Y1C/aY9xT9q:ins1DGXSuICteEroxzlxZV3Gu5D4S26c

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\t.exe
    "C:\Users\Admin\AppData\Local\Temp\t.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1988
    • C:\Users\Admin\AppData\Local\Temp\t.exe
      "C:\Users\Admin\AppData\Local\Temp\t.exe"
      2⤵
      • Loads dropped DLL
      PID:2840

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI19882\python310.dll
    Filesize

    4.2MB

    MD5

    384349987b60775d6fc3a6d202c3e1bd

    SHA1

    701cb80c55f859ad4a31c53aa744a00d61e467e5

    SHA256

    f281c2e252ed59dd96726dbb2de529a2b07b818e9cc3799d1ffa9883e3028ed8

    SHA512

    6bf3ef9f08f4fc07461b6ea8d9822568ad0a0f211e471b990f62c6713adb7b6be28b90f206a4ec0673b92bae99597d1c7785381e486f6091265c7df85ff0f9b5

    Download Submit