Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

614f0da323...40.exe

windows7-x64

7

614f0da323...40.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    148s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    06/06/2024, 14:30 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    614f0da323a2b1b728464a35aac419890eb898093aaa731119f5a96fef952f40.exe

  • Size

    3.9MB

  • MD5

    31088ecd3cd9c7eb3b31fc421f09b677

  • SHA1

    2e5bf248caec6679f576cc942c5706f94b00feed

  • SHA256

    614f0da323a2b1b728464a35aac419890eb898093aaa731119f5a96fef952f40

  • SHA512

    9cd4f3b76ebf764bc87bd528e02dd56da12c8178240a3e8b7ada45e775117483296ea67c84110911b955b06320408babb85827645293ce003b01f85cc78aea2d

  • SSDEEP

    98304:YJKSfrDC9NIQW7v7Enra3Jy/yjn3rafFL7c1Js2+mHRCLV:YJ3X6+D7Qrx/Ebaf9oHRC

Score
7/10
vmprotect

Malware Config

Signatures

  • VMProtect packed file 1 IoCs

    Detects executables packed with VMProtect commercial packer.

    vmprotect
  • Suspicious use of NtSetInformationThreadHideFromDebugger 37 IoCs
  • Suspicious behavior: EnumeratesProcesses 3 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\614f0da323a2b1b728464a35aac419890eb898093aaa731119f5a96fef952f40.exe
    "C:\Users\Admin\AppData\Local\Temp\614f0da323a2b1b728464a35aac419890eb898093aaa731119f5a96fef952f40.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:1636

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1636-0-0x0000000000400000-0x00000000007EA000-memory.dmp

    Filesize

    3.9MB

    Download

  • memory/1636-1-0x00000000768B0000-0x00000000768F7000-memory.dmp

    Filesize

    284KB

    Download

  • memory/1636-504-0x0000000002590000-0x00000000026A1000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1636-508-0x0000000002590000-0x00000000026A1000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1636-512-0x0000000002590000-0x00000000026A1000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1636-516-0x0000000002590000-0x00000000026A1000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1636-524-0x0000000002590000-0x00000000026A1000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1636-526-0x0000000002590000-0x00000000026A1000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1636-522-0x0000000002590000-0x00000000026A1000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1636-520-0x0000000002590000-0x00000000026A1000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1636-518-0x0000000002590000-0x00000000026A1000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1636-514-0x0000000002590000-0x00000000026A1000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1636-510-0x0000000002590000-0x00000000026A1000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1636-506-0x0000000002590000-0x00000000026A1000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1636-503-0x0000000002590000-0x00000000026A1000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1636-528-0x0000000002590000-0x00000000026A1000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1636-542-0x0000000002590000-0x00000000026A1000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1636-532-0x0000000002590000-0x00000000026A1000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1636-536-0x0000000002590000-0x00000000026A1000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1636-540-0x0000000002590000-0x00000000026A1000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1636-544-0x0000000002590000-0x00000000026A1000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1636-564-0x0000000002590000-0x00000000026A1000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1636-562-0x0000000002590000-0x00000000026A1000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1636-560-0x0000000002590000-0x00000000026A1000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1636-558-0x0000000002590000-0x00000000026A1000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1636-556-0x0000000002590000-0x00000000026A1000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1636-554-0x0000000002590000-0x00000000026A1000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1636-552-0x0000000002590000-0x00000000026A1000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1636-550-0x0000000002590000-0x00000000026A1000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1636-548-0x0000000002590000-0x00000000026A1000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1636-546-0x0000000002590000-0x00000000026A1000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1636-538-0x0000000002590000-0x00000000026A1000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1636-534-0x0000000002590000-0x00000000026A1000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1636-530-0x0000000002590000-0x00000000026A1000-memory.dmp

    Filesize

    1.1MB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.