Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
121s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted
06/09/2024, 22:29
Static task
static1
Behavioral task
behavioral1
Sample
089acca8b4c292ed6291c7ebc2fe2a1f4528abb0201d8efaa243899499358735.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
089acca8b4c292ed6291c7ebc2fe2a1f4528abb0201d8efaa243899499358735.exe
Resource
win10v2004-20240802-en
General
-
Target
089acca8b4c292ed6291c7ebc2fe2a1f4528abb0201d8efaa243899499358735.exe
-
Size
10.9MB
-
MD5
83b5663fbb74f60bc3e4eb09bf1f3808
-
SHA1
c7eaf08ba1b7de2e0f94e119832721aa034fd03d
-
SHA256
089acca8b4c292ed6291c7ebc2fe2a1f4528abb0201d8efaa243899499358735
-
SHA512
5510dcaa660a1bf266d0b9a8f0f874c37fb172f8293e1db05fce0b7e7abe12f7c97ac5370072d0e9aa4b24b37ced467a4445491fad1465447e2a366c2def5e05
-
SSDEEP
196608:FzIsZwtDnJES0NTxePePDdh0iCULKkOa8z1s6NXuAktmBlU4I4:FzIsquRrDjtLKkOa8ps6puAktIz
Malware Config
Signatures
-
Loads dropped DLL 2 IoCs
pid Process
2996 089acca8b4c292ed6291c7ebc2fe2a1f4528abb0201d8efaa243899499358735.exe
2996 089acca8b4c292ed6291c7ebc2fe2a1f4528abb0201d8efaa243899499358735.exe
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language 089acca8b4c292ed6291c7ebc2fe2a1f4528abb0201d8efaa243899499358735.exe
-
Suspicious use of SetWindowsHookEx 1 IoCs
pid Process
2996 089acca8b4c292ed6291c7ebc2fe2a1f4528abb0201d8efaa243899499358735.exe
Processes
-
C:\Users\Admin\AppData\Local\Temp\089acca8b4c292ed6291c7ebc2fe2a1f4528abb0201d8efaa243899499358735.exe
"C:\Users\Admin\AppData\Local\Temp\089acca8b4c292ed6291c7ebc2fe2a1f4528abb0201d8efaa243899499358735.exe"
- Loads dropped DLL
- System Location Discovery: System Language Discovery
- Suspicious use of SetWindowsHookEx
PID:2996
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
1KB
MD5 349c3125431af3057387321614f92543
SHA1 096ce53e49a0d73a0663ebd8a2547951dad608d4
SHA256 3052d9ba29cf09eba88aad4813e357f68f8c1ba7bf2b30fb5df154a4ee009cb8
SHA512 d9d0c9ec75545e0b949c77709a253c16885ddfa6016d349fff0d7d4fbe3755d777b54f4eb903eb1ac516a3bd962b573610f6132bf026cef2645263c9a1f4ecc9
-
Filesize
4KB
MD5 8538a98c39c4ae9d1cc7c61276a56cdc
SHA1 b093446a5790661c2d6a37260d894db71779a239
SHA256 ee770722280211294224130a45795bb6cd847560a7d0357e836ed90053aca9d4
SHA512 54edb64d1be99c3c4f694aa34e204ceb145183a8b7c2fb90b97ff13d3f16bb042eed7ffb7614b3d7d8f97deb84eb93769cc1b8abfc6ab3f2563489590aa8736d
-
Filesize
38B
MD5 e136eda34b589f67990cbbcd8f7478cc
SHA1 2b8e1a3a28c0e83991fbfe980d33a159a232de67
SHA256 74be3853bd3e6239e31d94393909592a1946e98d7d54cbbff4d15376ff2aeca6
SHA512 f41eb72e4f9fb0f3d5d3cdef569961640f6f6c8389cbdebe3bc72d9bc96ee4717d8c1296b0532f146b3c822099fbc9b0e2a802076437ae961013fa5db27a7977