Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system -
submitted
01/10/2024, 15:07
Behavioral task
behavioral1
Sample
398677fab8c11955fb7298cc5ae9a3f01665750f886a78c6390aab182555ad2cN.exe
Resource
win7-20240903-en
General
-
Target
398677fab8c11955fb7298cc5ae9a3f01665750f886a78c6390aab182555ad2cN.exe
-
Size
236KB
-
MD5
6472437fbca4106d4e105a45e6acc4f0
-
SHA1
a31f06ac7b4219410320ad56a7fd6d2d0c8fbff2
-
SHA256
398677fab8c11955fb7298cc5ae9a3f01665750f886a78c6390aab182555ad2c
-
SHA512
29ad2ff567adc15dad87a249a924abc3a109b1322592bcef4bbaa0c8df59e399924392a5b463d60958fcf71768af425afaff07af254533cfcee182d72cebfe49
-
SSDEEP
3072:4J0Bs3o8A4M3riN6MhGkgS3PL6pb9t16n5OkhBOPC/b/FnncroP9:8wDeM7iNEkgiOb31k1ECLJ/F
Malware Config
Signatures
-
resource yara_rule behavioral1/memory/1708-0-0x0000000000400000-0x000000000043B000-memory.dmp upx behavioral1/memory/1708-1-0x0000000000400000-0x000000000043B000-memory.dmp upx behavioral1/files/0x0005000000004ed7-7.dat upx -
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language 398677fab8c11955fb7298cc5ae9a3f01665750f886a78c6390aab182555ad2cN.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
236KB
MD5e6b239a425642e21df07c61f2cae7b0a
SHA1168e3d21b43caecd037899b2467f31892676a205
SHA2567e998940fd54ed5d0707b5252d34c1e1a597e462e220ec2242953972084bff59
SHA5124afeafc9c4ee083ddf157dbd6c465b54c7246ae607431437874269c31a265cd6652022f91ab44ca77bba138e10a1a184c9cb92d484980284e4fc913daf3ab380