Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

MDScan.dll

windows7-x64

1

MDScan.dll

windows10-2004-x64

1

MDecoder.exe

windows7-x64

1

MDecoder.exe

windows10-2004-x64

1

新云软件.url

windows7-x64

1

新云软件.url

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    11/07/2024, 22:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    MDecoder.exe

  • Size

    3.4MB

  • MD5

    c6b785b57ebf6da675cda4ec25475a84

  • SHA1

    5964bf09e74fc41ae6eda0a350a5ee233f996caf

  • SHA256

    237638a401e2e5df73c8043cb251e2395a7fb171e4835f8719bcdda93553a6bc

  • SHA512

    a22a1c8fe790c59eb275d7c3c531c287c0cb089604204b2a2ee1a971c792fd6f9f88a8227ad351d0422527977e67f9c99cc70043e0322e0ac7bc9925afadd04a

  • SSDEEP

    98304:cG6m7N3QX+d2XfOfaCwh0/qHeHpVWvH0AZ:qm71m3h0y+JVWvH0E

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\MDecoder.exe
    "C:\Users\Admin\AppData\Local\Temp\MDecoder.exe"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2504

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\config.ini
    Filesize

    90B

    MD5

    bed9d219129d0aac146a537140ffa971

    SHA1

    1a0f24e055cbb38c81fe46a14d5581e203744bf0

    SHA256

    9794c35732414e223fecd10b073c5616e3525cd49d9a78c5dcb59827f5771dc2

    SHA512

    fd3c261a2e59c911e96eb2a485270a1dfe950647aa31ba2664902e9bff87c37c97b50b7e48268395bf1c69007d791468d405637eb7c0625ef4bd7b1d081cdc11

    Download Submit