Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

Bootsrapper (2).rar

windows7-x64

3

Bootsrapper (2).rar

windows10-2004-x64

3

Release/Mi...es.dll

windows7-x64

1

Release/Mi...es.dll

windows10-2004-x64

1

Release/Mi...es.xml

windows7-x64

3

Release/Mi...es.xml

windows10-2004-x64

1

Release/Sh...ss.dll

windows7-x64

1

Release/Sh...ss.dll

windows10-2004-x64

1

Release/Sy...rs.dll

windows7-x64

1

Release/Sy...rs.dll

windows10-2004-x64

1

Release/Sy...rs.xml

windows7-x64

3

Release/Sy...rs.xml

windows10-2004-x64

3

Release/Sy...ry.dll

windows7-x64

1

Release/Sy...ry.dll

windows10-2004-x64

1

Release/Sy...ry.xml

windows7-x64

3

Release/Sy...ry.xml

windows10-2004-x64

1

Release/Sy...rs.dll

windows7-x64

1

Release/Sy...rs.dll

windows10-2004-x64

1

Release/Sy...rs.xml

windows7-x64

3

Release/Sy...rs.xml

windows10-2004-x64

1

Release/Sy...fe.dll

windows7-x64

1

Release/Sy...fe.dll

windows10-2004-x64

1

Release/Sy...fe.xml

windows7-x64

3

Release/Sy...fe.xml

windows10-2004-x64

1

Release/Sy...es.dll

windows7-x64

1

Release/Sy...es.dll

windows10-2004-x64

1

Release/Sy...es.xml

windows7-x64

3

Release/Sy...es.xml

windows10-2004-x64

1

Release/Sy...ns.dll

windows7-x64

1

Release/Sy...ns.dll

windows10-2004-x64

1

Release/Sy...ns.xml

windows7-x64

3

Release/Sy...ns.xml

windows10-2004-x64

1

Resubmissions

02/08/2024, 18:55

240802-xkzn9a1bkg 3

Analysis

  • max time kernel
    148s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    02/08/2024, 18:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Release/System.Text.Encoding.CodePages.xml

  • Size

    2KB

  • MD5

    c1bed46594fd83112d7e77050eb0e874

  • SHA1

    cc5c4d051678e7de0ffe9d7354556f421699c04a

  • SHA256

    2aa6e789fa4827267fcf178cadc9f1eb9772e45fb6d8a1fa631343e221b2c5bc

  • SHA512

    b616a7782e297b70b063413cb103cfbcff7a5dda8e074937232650ac7ab05dbd6fcd541b203ea639e75eeb6dfd24e6ecbac2fc9038505e15d738e018ab9e765c

Score
1/10

Malware Config

Signatures

Processes

  • C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE
    "C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE" /verb open "C:\Users\Admin\AppData\Local\Temp\Release\System.Text.Encoding.CodePages.xml"
    1⤵
      PID:3240

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3240-0-0x00007FF7CA570000-0x00007FF7CA580000-memory.dmp

      Filesize

      64KB

      Download

    • memory/3240-1-0x00007FF80A58D000-0x00007FF80A58E000-memory.dmp

      Filesize

      4KB

      Download

    • memory/3240-2-0x00007FF80A4F0000-0x00007FF80A6E5000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/3240-3-0x00007FF80A4F0000-0x00007FF80A6E5000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/3240-4-0x00007FF80A4F0000-0x00007FF80A6E5000-memory.dmp

      Filesize

      2.0MB

      Download