Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
13s -
max time network
19s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
-
submitted
19/08/2024, 17:34
General
-
Target
afb469340f09a2c67472fa55f9bb9976c0926430c9f4a02685ed22db5d3a835e.exe
-
Size
7.2MB
-
MD5
fac8a866859c81c0f6366cd7c6c3ae93
-
SHA1
a9e7e66b5325788b9f00c80fb647170921b64c1b
-
SHA256
afb469340f09a2c67472fa55f9bb9976c0926430c9f4a02685ed22db5d3a835e
-
SHA512
7cec8be190c7ef321385450355abec2aa3790e6995f88a3c70c4cf9efad7799b471f8ac480f679b66cc77a96aba5324c96c270a354db5683f280c6e64fdaa170
-
SSDEEP
196608:owQA1HeT39IigleE9TFa0Z8DOjCdyl6kQVE9oD:Hp1+TtIiHY9Z8D8Ccl6nVD
Malware Config
Signatures
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\afb469340f09a2c67472fa55f9bb9976c0926430c9f4a02685ed22db5d3a835e.exe"C:\Users\Admin\AppData\Local\Temp\afb469340f09a2c67472fa55f9bb9976c0926430c9f4a02685ed22db5d3a835e.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\afb469340f09a2c67472fa55f9bb9976c0926430c9f4a02685ed22db5d3a835e.exe"C:\Users\Admin\AppData\Local\Temp\afb469340f09a2c67472fa55f9bb9976c0926430c9f4a02685ed22db5d3a835e.exe"2⤵
- Loads dropped DLL
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
6.6MB
MD53c388ce47c0d9117d2a50b3fa5ac981d
SHA1038484ff7460d03d1d36c23f0de4874cbaea2c48
SHA256c98ba3354a7d1f69bdca42560feec933ccba93afcc707391049a065e1079cddb
SHA512e529c5c1c028be01e44a156cd0e7cad0a24b5f91e5d34697fafc395b63e37780dc0fac8f4c5d075ad8fe4bd15d62a250b818ff3d4ead1e281530a4c7e3ce6d35