Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
96s -
max time network
133s -
platform
windows10-2004_x64 -
resource
win10v2004-20240802-en -
resource tags
-
submitted
25/09/2024, 02:03
General
-
Target
80af903be8ac173fdc5f6029272c4af8c907e97bfa7d32fb40e0b1c3b984cd47.exe
-
Size
840KB
-
MD5
843c5df4d614993bf87d4c93f67dedad
-
SHA1
9a0c5bdca8d1859ae1621acaa0f94e2ff4daa2e9
-
SHA256
80af903be8ac173fdc5f6029272c4af8c907e97bfa7d32fb40e0b1c3b984cd47
-
SHA512
5d40e9d4b017d8a56ee0d4e313f9c47280cff00cb7c11b40812a6479dd08b79767e552970fdafe13f8c435e51184a1d28d15f1624f22131cc82be0fa14a53c4c
-
SSDEEP
6144:O5l8Psn+5S+Macf/sCimmw9Xqp/AT/ykKOnCYfE6Se0puU/WEBpLla2isxPi11:Kl8PsH+MacnQp/ATKkKBb6Se0NrpYs
Score
3/10
Malware Config
Signatures
-
Program crash 2 IoCs
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes
-
C:\Users\Admin\AppData\Local\Temp\80af903be8ac173fdc5f6029272c4af8c907e97bfa7d32fb40e0b1c3b984cd47.exe"C:\Users\Admin\AppData\Local\Temp\80af903be8ac173fdc5f6029272c4af8c907e97bfa7d32fb40e0b1c3b984cd47.exe"1⤵
- System Location Discovery: System Language Discovery
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 5036 -s 2482⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 5036 -s 2482⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 184 -p 5036 -ip 50361⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 520 -p 5036 -ip 50361⤵