Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

5

Static

static

1

Chequea tu...�n.msg

windows7-x64

5

Chequea tu...�n.msg

windows10-2004-x64

3

asxcv.jpg

windows7-x64

3

asxcv.jpg

windows10-2004-x64

3

azx.jpg

windows7-x64

3

azx.jpg

windows10-2004-x64

3

Analysis

  • max time kernel
    118s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    03/09/2024, 17:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    azx.jpg

  • Size

    15KB

  • MD5

    1ab7444a75f11a31e3053dfec93c7db6

  • SHA1

    3933a23f6b89a65bd7d2375d9b012bb1af97dabe

  • SHA256

    c9026e5c24a5d5bef13a19675ef6e97400b89dce29d61abf8bcfc343b827c1b9

  • SHA512

    3c904dc0ff325e779e3a56aee6d137408e16f9404ca637f3915106c31813320bdbfae9e96df19b7046329e96a41eeeebd5ebcb9015bc3a72f828226fcb18ec6f

  • SSDEEP

    384:izEx74yfiSjTfZVLwhdG6V2oVQrP9H+3pUth1gK:izEhaIlkHVxj21f

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of FindShellTrayWindow 1 IoCs

Processes

  • C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe "C:\Program Files\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen C:\Users\Admin\AppData\Local\Temp\azx.jpg
    1⤵
    • Suspicious use of FindShellTrayWindow
    PID:2236

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2236-0-0x0000000000320000-0x0000000000321000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2236-1-0x0000000000320000-0x0000000000321000-memory.dmp

    Filesize

    4KB

    Download