Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    01/06/2024, 03:19

General

  • Target

    c3c49015b89201266d2513b4b3622dfa.exe

  • Size

    9.9MB

  • MD5

    c3c49015b89201266d2513b4b3622dfa

  • SHA1

    0bfeb9c05eb86d4e7c68eadf0779c340e7ed53d1

  • SHA256

    5bb5aaa3120c863b9f4ac00f2e0ea9b10f70a182f8d276f1e84a25c978dc502e

  • SHA512

    9b2c41b4a719baeab6961e0dc946092735db509ff2c216e3a0e486b6610ea59c50d50efb0bbe10773b7dfa86395ae4dce65bcabd2ea1893ea3dac5b3e542ba0e

  • SSDEEP

    98304:3u5x6M1WopNhS9Yw8yPNhS9Yw8yuFhHZhANhS9Yw8yE:AiewflwfAh+wfE

Score
8/10

Malware Config

Signatures

  • Drops file in Drivers directory 2 IoCs
  • Adds Run key to start application 2 TTPs 1 IoCs
  • Drops file in Program Files directory 64 IoCs
  • Suspicious behavior: EnumeratesProcesses 25 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c3c49015b89201266d2513b4b3622dfa.exe
    "C:\Users\Admin\AppData\Local\Temp\c3c49015b89201266d2513b4b3622dfa.exe"
    • Drops file in Drivers directory
    • Adds Run key to start application
    • Drops file in Program Files directory
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:2752

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Program Files\7-Zip\Uninstall.exe

    Filesize

    9.9MB

    MD5

    227b8941bb23c3fdae9669aebdefdb2d

    SHA1

    27df532b88c526a17bad98cd1cd60789422fadf8

    SHA256

    8e9e38cefd07a214e9361090374ff4dad2dec94bc5d3e435b8c8b5e4c42a0cfc

    SHA512

    9f46f4b285dcd7640e399e9123064b5e05dcc91fbd376d4a3c4cf41efd7427011475c68e0987e5566af48717e98aefcf07e030df340ecb0fa04095bb49fa1695