Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

1

PatchMyPC.exe

windows7-x64

1

PatchMyPC.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    07/06/2024, 20:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    PatchMyPC.exe

  • Size

    2.5MB

  • MD5

    8a5fcb46ed7f458a508f9e7f31b2950c

  • SHA1

    8b68711f8de7ba182427da118644b63083894fee

  • SHA256

    d5a2ddba0ee5c577268d69bbc129046d48f36c8306c8a57d4f6b2e2ded193202

  • SHA512

    c44e4f7b2782d36fe33ef8cbf22e0a2a3a086cde82aa4a2c8856099391ca202f7df7ee84c6f59bba24ada636964edcac1d966fb50c2cd0cad7219af4a273222f

  • SSDEEP

    24576:DEZDSTqCIraM1VVPIpvl1SqEU/+uRuNixgxkaBRrI0kDf:DEo+DraM1VVPIpvl1SQ/+uMOg33Ibr

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\PatchMyPC.exe
    "C:\Users\Admin\AppData\Local\Temp\PatchMyPC.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2412
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 2412 -s 2104
      2⤵
        PID:2116

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2412-0-0x000007FEF5DD3000-0x000007FEF5DD4000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2412-1-0x0000000000890000-0x0000000000B0C000-memory.dmp

      Filesize

      2.5MB

      Download

    • memory/2412-2-0x000007FEF5DD0000-0x000007FEF67BC000-memory.dmp

      Filesize

      9.9MB

      Download

    • memory/2412-3-0x000007FEF5DD0000-0x000007FEF67BC000-memory.dmp

      Filesize

      9.9MB

      Download

    • memory/2412-4-0x000007FEF5DD0000-0x000007FEF67BC000-memory.dmp

      Filesize

      9.9MB

      Download

    • memory/2412-5-0x000007FEF5DD0000-0x000007FEF67BC000-memory.dmp

      Filesize

      9.9MB

      Download

    • memory/2412-6-0x000007FEF5DD0000-0x000007FEF67BC000-memory.dmp

      Filesize

      9.9MB

      Download

    • memory/2412-7-0x000007FEF5DD3000-0x000007FEF5DD4000-memory.dmp

      Filesize

      4KB

      Download