Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
15s -
max time network
16s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
06/09/2024, 01:04
General
-
Target
VMProtect.exe
-
Size
35.1MB
-
MD5
42bc64a5b81dde66989bbdd4bb460b9f
-
SHA1
a5a16491477e0ace4ee44a354a15ba63e55375e8
-
SHA256
91881d3ba8eeb6cab2bd15b670617e10ac01bae42b45aa30da4d60b75e3a99c4
-
SHA512
d8f772cf829e7245b6fa53b32bef68e414505bbe8b3f23b646053828abfd42797d4be5eb2c9b209f212ebc8536a1bff3a37726fe74ae4607bef96577a408f2dc
-
SSDEEP
786432:js1qgvftkNGCDvdJrObjfho/qNn4VJHF0yHQcLEP7qAuHG:aqcf6fvEo/qJ4VJHxnPm
Score
5/10
Malware Config
Signatures
-
Suspicious use of NtSetInformationThreadHideFromDebugger 2 IoCs
-
Suspicious behavior: AddClipboardFormatListener 1 IoCs
-
Suspicious behavior: EnumeratesProcesses 1 IoCs
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of FindShellTrayWindow 1 IoCs
-
Suspicious use of SetWindowsHookEx 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\VMProtect.exe"C:\Users\Admin\AppData\Local\Temp\VMProtect.exe"1⤵
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
15.5MB
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
86.4MB
-
Filesize
15.5MB
-
Filesize
86.4MB