Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

5

Static

static

5

f8a8c7a200...d5.exe

windows7-x64

5

f8a8c7a200...d5.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    140s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    30/09/2024, 04:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f8a8c7a200b6619f631bea43518537a00bfa9f73801a7264e39383eb9658fdd5.exe

  • Size

    83KB

  • MD5

    a71dc8437cdbf4b956fbec7198aeac1c

  • SHA1

    97750331ef3f9691dc42f5068af4d1813c7de4d9

  • SHA256

    f8a8c7a200b6619f631bea43518537a00bfa9f73801a7264e39383eb9658fdd5

  • SHA512

    df7d474b85ab5486f124fe5f66323ea52e2e06c4c69092da687ec39785432f3bfdcdf0ca661c68712b5181789a55b82281036c83049394e0b3d1a3250bb043b7

  • SSDEEP

    1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+tK:LJ0TAz6Mte4A+aaZx8EnCGVut

Score
5/10
discoveryupx

Malware Config

Signatures

  • UPX packed file 7 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\f8a8c7a200b6619f631bea43518537a00bfa9f73801a7264e39383eb9658fdd5.exe
    "C:\Users\Admin\AppData\Local\Temp\f8a8c7a200b6619f631bea43518537a00bfa9f73801a7264e39383eb9658fdd5.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:2372

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\rifaien2-RDgUyjfc3eWlljMZ.exe
    Filesize

    83KB

    MD5

    64e8a96732e8a8c1d9f662d27c57d15b

    SHA1

    dee8cd23b07b92e53eb46cc5fa3e977cab11b23b

    SHA256

    3f02d46ae0d4363892fe1b586bc8c4f42291fb21aad76b758fd9becf40272dd2

    SHA512

    f5a4afcd014a215910b87cb81e2433a8691c55d549d8c4d067010938b54c91c73d31088fad032bbcfcd5c94297f28c1bb79f047a54bf19a9819d0bfd50917aa0

    Download Submit

  • memory/2372-0-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

    Download

  • memory/2372-1-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

    Download

  • memory/2372-5-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

    Download

  • memory/2372-12-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

    Download

  • memory/2372-22-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

    Download

  • memory/2372-29-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

    Download