Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

BLACKLAUCNHER.exe

windows7-x64

1

BLACKLAUCNHER.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    13s
  • max time network
    17s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    30/06/2024, 21:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    BLACKLAUCNHER.exe

  • Size

    66.3MB

  • MD5

    92c15f17cf646b663a7d63301d4d4700

  • SHA1

    55b4829a05bfaa63a7a1838abf41348951003bb2

  • SHA256

    ee8f6302f14b7b8cfab026d66b4bc79791eb7ccf7bb47fbb81f275f285ab4951

  • SHA512

    e458bd4dd8da457e5222961de2ce882821b7e20f6b490ae6484305d8ac30392d03eacf6f5ed67b2668a4ac85c1b8190bca1cb14d1a618cc3ba0c5defccb2f416

  • SSDEEP

    393216:7qCKJWr646m8GH5y4SVFY+L/I5glN7tFL+fzqdqhuQjPLzXr:7qCKJWr36PGZpSVFh/aglNpg7jPr

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\BLACKLAUCNHER.exe
    "C:\Users\Admin\AppData\Local\Temp\BLACKLAUCNHER.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2220
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 2220 -s 192
      2⤵
        PID:2068

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2220-0-0x000000013F280000-0x0000000143635000-memory.dmp

      Filesize

      67.7MB

      Download

    • memory/2220-2-0x000000013F280000-0x0000000143635000-memory.dmp

      Filesize

      67.7MB

      Download