Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
81s -
max time network
18s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
-
submitted
23/08/2024, 05:29
General
-
Target
2de382152f087a86363e204faaa6f9105ecd57a64bc6a3633e6645e2ce3efd9d.exe
-
Size
3.0MB
-
MD5
4aed7b49f4896bb7d95648eff3ecde3e
-
SHA1
7f8cf0ca4e421c5f47dfd7509d99b8b7734bdbe4
-
SHA256
2de382152f087a86363e204faaa6f9105ecd57a64bc6a3633e6645e2ce3efd9d
-
SHA512
f1906764e8bb487785fb014f25145408d09605fa0188c0ff27ba8d66593225bbe669f6ea576dcfe700a2e8ba6271e45c78a6948d4996a71a2fcd7b2dc4f51ff8
-
SSDEEP
49152:9RefbRq+svmn5ZEzj3hbG9WDwAFSgrQRAqlqbqzNqAPdjpL:fefb4+qmn4z1bG9ES8QqMjpL
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2de382152f087a86363e204faaa6f9105ecd57a64bc6a3633e6645e2ce3efd9d.exe"C:\Users\Admin\AppData\Local\Temp\2de382152f087a86363e204faaa6f9105ecd57a64bc6a3633e6645e2ce3efd9d.exe"1⤵
- System Location Discovery: System Language Discovery
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 1916 -s 2602⤵
- Program crash
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3.1MB
-
Filesize
3.1MB