Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
  • submitted
    02/08/2024, 14:11

General

  • Target

    Screenshot_2024-08-01-22-50-05-664.jpg

  • Size

    10KB

  • MD5

    30ae06ca65050d789da2f4a43a6227fd

  • SHA1

    f451eda9151a3a2e21f0467239a4d5105863bec3

  • SHA256

    a4b8332f443cbca9fd1b31a3bd84f09ddcace1417013c1110e7ac2445ffa7f4e

  • SHA512

    0e5fc496133d3c6b5a921a864fe02f4c888eedd733a2b6279b72747e689a418d61e57aec381ab0c95a848c12921f4cc3efbfb6f7d1cf0140ed1f5995df169b1a

  • SSDEEP

    192:9jA3ZZZZZZZZZzUsAfLy/6nSn3SRXBiHJGNUxdb/UJ6txd3VcAKIhc:9U3ZZZZZZZZrAhnSniziH0NQJUyc2W

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of FindShellTrayWindow 1 IoCs

Processes

  • C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe "C:\Program Files\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen C:\Users\Admin\AppData\Local\Temp\Screenshot_2024-08-01-22-50-05-664.jpg
    • Suspicious use of FindShellTrayWindow
    PID:2084

Network

MITRE ATT&CK Enterprise v15

Downloads

  • memory/2084-0-0x0000000001D70000-0x0000000001D71000-memory.dmp

    Filesize

    4KB

  • memory/2084-1-0x0000000001D70000-0x0000000001D71000-memory.dmp

    Filesize

    4KB