Analysis
max time kernel: 117s
max time network: 141s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 28/09/2024, 16:12
Static task
static1

Behavioral task
behavioral1
Sample: a33404dd8d80e3a8ee68f4087eba799bbf4639d1e99a75f1635df19a3ca2eec7.exe
Resource: win7-20240903-en

Behavioral task
behavioral2
Sample: a33404dd8d80e3a8ee68f4087eba799bbf4639d1e99a75f1635df19a3ca2eec7.exe
Resource: win10v2004-20240802-en
General
Target: a33404dd8d80e3a8ee68f4087eba799bbf4639d1e99a75f1635df19a3ca2eec7.exe
Size: 11.0MB
MD5: ff17c23c8ff7ef3330f77b431fcc2846
SHA1: 4c0a982537f681f970a48215a5a768ce4d075c35
SHA256: a33404dd8d80e3a8ee68f4087eba799bbf4639d1e99a75f1635df19a3ca2eec7
SHA512: 11fed89ca5c0d61b7f94d42d6035f99831d8b107c14c2ff7265df0bec1fb21fe92d1f148a8091d8056072a12696c808fa853905f414b8bc28442ab7d3297aafd
SSDEEP: 196608:J1WWWNNAsS0NTxePePDdh0iCULKkOa8z1s6NXuAktmBlU4I4:J1WdAsRrDjtLKkOa8ps6puAktIz
Malware Config
Signatures
- Downloads MZ/PE file
- Loads dropped DLL (2 IoCs)
  pid 2812, process a33404dd8d80e3a8ee68f4087eba799bbf4639d1e99a75f1635df19a3ca2eec7.exe
  pid 2812, process a33404dd8d80e3a8ee68f4087eba799bbf4639d1e99a75f1635df19a3ca2eec7.exe
- System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
  Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
  Key opened: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language (process a33404dd8d80e3a8ee68f4087eba799bbf4639d1e99a75f1635df19a3ca2eec7.exe)
- Suspicious use of SetWindowsHookEx (1 IoCs)
  pid 2812, process a33404dd8d80e3a8ee68f4087eba799bbf4639d1e99a75f1635df19a3ca2eec7.exe
Processes
C:\Users\Admin\AppData\Local\Temp\a33404dd8d80e3a8ee68f4087eba799bbf4639d1e99a75f1635df19a3ca2eec7.exe
Command line: "C:\Users\Admin\AppData\Local\Temp\a33404dd8d80e3a8ee68f4087eba799bbf4639d1e99a75f1635df19a3ca2eec7.exe"
PID: 2812
- Loads dropped DLL
- System Location Discovery: System Language Discovery
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads