Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

155�...վ.url

windows7-x64

1

155�...վ.url

windows10-2004-x64

1

HiDownload...um.exe

windows7-x64

7

HiDownload...um.exe

windows10-2004-x64

7

keygen.exe

windows7-x64

7

keygen.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    141s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    11/08/2024, 01:51 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    keygen.exe

  • Size

    79KB

  • MD5

    25f8471d0719793ae2678fe6d296cff8

  • SHA1

    2974c1e664e781f191bc2ef921b8c4596dda35cc

  • SHA256

    efe647bc59425c994c956af3d56840571f40510e7dad39f1e8e689dfceaf4e6a

  • SHA512

    c6b856d16a783e6e0dc5dc06ffc9298acbd832d0f65e421552ec0dffd3b1b20760b1c630961b19ce0990e5f55419f2e6198f62c42f9dfb00874bc37167ed91dc

  • SSDEEP

    1536:HTePfqCqIz1YVFlvInmxxZtxYVI1rRWR2m0hi1juHzLVKSaqzAWGG6ISJqRnL:zOfnzWzlgmxlxM+WR2mAVoqHGbISsRL

Score
7/10
discoveryupx

Malware Config

Signatures

  • UPX packed file 16 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\keygen.exe
    "C:\Users\Admin\AppData\Local\Temp\keygen.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: GetForegroundWindowSpam
    PID:2388

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2388-0-0x0000000000400000-0x000000000049B000-memory.dmp

    Filesize

    620KB

    Download

  • memory/2388-1-0x0000000000400000-0x000000000049B000-memory.dmp

    Filesize

    620KB

    Download

  • memory/2388-2-0x0000000000400000-0x000000000049B000-memory.dmp

    Filesize

    620KB

    Download

  • memory/2388-3-0x0000000000400000-0x000000000049B000-memory.dmp

    Filesize

    620KB

    Download

  • memory/2388-4-0x0000000000400000-0x000000000049B000-memory.dmp

    Filesize

    620KB

    Download

  • memory/2388-5-0x0000000000400000-0x000000000049B000-memory.dmp

    Filesize

    620KB

    Download

  • memory/2388-6-0x0000000000400000-0x000000000049B000-memory.dmp

    Filesize

    620KB

    Download

  • memory/2388-7-0x0000000000400000-0x000000000049B000-memory.dmp

    Filesize

    620KB

    Download

  • memory/2388-8-0x0000000000400000-0x000000000049B000-memory.dmp

    Filesize

    620KB

    Download

  • memory/2388-9-0x0000000000400000-0x000000000049B000-memory.dmp

    Filesize

    620KB

    Download

  • memory/2388-10-0x0000000000400000-0x000000000049B000-memory.dmp

    Filesize

    620KB

    Download

  • memory/2388-11-0x0000000000400000-0x000000000049B000-memory.dmp

    Filesize

    620KB

    Download

  • memory/2388-12-0x0000000000400000-0x000000000049B000-memory.dmp

    Filesize

    620KB

    Download

  • memory/2388-13-0x0000000000400000-0x000000000049B000-memory.dmp

    Filesize

    620KB

    Download

  • memory/2388-14-0x0000000000400000-0x000000000049B000-memory.dmp

    Filesize

    620KB

    Download

  • memory/2388-15-0x0000000000400000-0x000000000049B000-memory.dmp

    Filesize

    620KB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.