Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

4103f3ac4d...18.exe

windows7-x64

7

4103f3ac4d...18.exe

windows10-2004-x64

7

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$WINDIR/Sy...er.dll

windows7-x64

1

$WINDIR/Sy...er.dll

windows10-2004-x64

1

Cleaner.exe

windows7-x64

1

Cleaner.exe

windows10-2004-x64

1

Firewall.exe

windows7-x64

1

Firewall.exe

windows10-2004-x64

1

Resources/...op.htm

windows7-x64

1

Resources/...op.htm

windows10-2004-x64

1

Resources/...ty.htm

windows7-x64

1

Resources/...ty.htm

windows10-2004-x64

1

Sweeper.exe

windows7-x64

3

Sweeper.exe

windows10-2004-x64

3

Uninstaller.exe

windows7-x64

1

Uninstaller.exe

windows10-2004-x64

1

firewall.sys

windows7-x64

1

firewall.sys

windows10-2004-x64

1

foxiecoreu.dll

windows7-x64

6

foxiecoreu.dll

windows10-2004-x64

6

foxietoolbaru.dll

windows7-x64

6

foxietoolbaru.dll

windows10-2004-x64

6

uninst.exe

windows7-x64

7

uninst.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    16s
  • max time network
    17s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    13/07/2024, 08:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    firewall.sys

  • Size

    2KB

  • MD5

    5779f099684ddf70a0c63e21b498ad34

  • SHA1

    9cc8f0be4d8e3ed1ab1ef4256f1e77c53fcd2013

  • SHA256

    1b6f32ee6b1e66a1c1804e0dc08a76340d7c38ff366e9170b2eac97466794506

  • SHA512

    fa8c8b6085cac2070f004ebdc1f9a8dc02d27bcd53ec95b3e76e36cd9675b279cb36708a04eb3dfcc34a83e9cf8eb666cda8cbadc04bd8c2f9a8f239571fd064

Score
1/10

Malware Config

Signatures

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\firewall.sys
    1⤵
      PID:2208
      • C:\Users\Admin\AppData\Local\Temp\firewall.sys
        C:\Users\Admin\AppData\Local\Temp\firewall.sys
        2⤵
          PID:1108

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads