Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
121s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20240708-en -
resource tags
arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system -
submitted
12/09/2024, 22:07
Static task
static1
Behavioral task
behavioral1
Sample
ba43fc01fad8267708cc7f8405e08970724c198bf47354c0d9706d3c57a2482c.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
ba43fc01fad8267708cc7f8405e08970724c198bf47354c0d9706d3c57a2482c.exe
Resource
win10v2004-20240802-en
General
-
Target
ba43fc01fad8267708cc7f8405e08970724c198bf47354c0d9706d3c57a2482c.exe
-
Size
7.6MB
-
MD5
b66774408494181c3180963e95b48404
-
SHA1
51ad154ad4ae223fde69a2c45f3d5b007dfce6ee
-
SHA256
ba43fc01fad8267708cc7f8405e08970724c198bf47354c0d9706d3c57a2482c
-
SHA512
b260873a639d9ca443d3e78f3f056f28b97cc76626214e3120ae724eb07507d90025a65bd8c919655e8581c9a96098cfb4b31f7befdcf8b502aa6e992fcfb35c
-
SSDEEP
98304:bP5mq4RW60WR+Qrvg7D1GYOh8NbFPAQwDfWw08dGODav43c9N6:b6R187D1GYOeNlA7W38NDaW8N6
Malware Config
Signatures
-
Downloads MZ/PE file
-
Loads dropped DLL 2 IoCs
pid Process 2296 ba43fc01fad8267708cc7f8405e08970724c198bf47354c0d9706d3c57a2482c.exe 2296 ba43fc01fad8267708cc7f8405e08970724c198bf47354c0d9706d3c57a2482c.exe -
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language ba43fc01fad8267708cc7f8405e08970724c198bf47354c0d9706d3c57a2482c.exe -
Suspicious use of SetWindowsHookEx 1 IoCs
pid Process 2296 ba43fc01fad8267708cc7f8405e08970724c198bf47354c0d9706d3c57a2482c.exe
Processes
-
C:\Users\Admin\AppData\Local\Temp\ba43fc01fad8267708cc7f8405e08970724c198bf47354c0d9706d3c57a2482c.exe"C:\Users\Admin\AppData\Local\Temp\ba43fc01fad8267708cc7f8405e08970724c198bf47354c0d9706d3c57a2482c.exe"1⤵
- Loads dropped DLL
- System Location Discovery: System Language Discovery
- Suspicious use of SetWindowsHookEx
PID:2296
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
4KB
MD5b38d63fcc0fffb9528e36e711bbe790c
SHA1f9f208acf1aeafd2f744d21e528e5016ef309630
SHA256434518ce2cdeec5805245e0924ac25f289f31446e3cfc3f6a75f7960a1b6acaa
SHA51265af149d7aed9af73e5133dabaedcbe7adbd10b1d678c5afeb6bbaeaf1fb2a65296aea1a003d274a9f659e1a7e6eefec032ecb0b5d1aba232b30e3f9c86118cf
-
Filesize
2KB
MD51ddba2b300765bce43007981d8627520
SHA1c57497c82eeff1fe2327ea3a476b8696e97f60fd
SHA256e09df522a5f1ebea9d14986847dd6022812fcb352870cef13d08269b405d0afe
SHA512920c34ac38055ac99dc3b44d923e5ec22c0dd3e2a5f34e86cb08ea67d3dc28cecb522b0bf27af8e9d1363f44327d5d9b6d2e9e5bb07d43ce8f1dbd606a046374
-
Filesize
38B
MD5f12fa11de8cbe14cb1c2ea4db34da129
SHA1883f01b6c99b51bfdfb7ccecb9f74bf96a9a52c9
SHA2569850a6339b6c6dd644a08f4a3f6de551d6343edde7abb41bcc7314d380e5a2ce
SHA512ab2592c4f751d97c1b495723f6625721f8ae5ae1e8f3fb61debb26f8b83cc7f8eba0d07e67dc20f9f183c63bbba68186a8120c8c3c31aabe6f971820d1d23c67