Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

Launch.exe

windows7-x64

7

Launch.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    118s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    05/10/2024, 21:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Launch.exe

  • Size

    342KB

  • MD5

    c3579512b9277f8bf64af53227f0ff0f

  • SHA1

    be71ec8d000831d5b87c51be81d90af55fcb8b0c

  • SHA256

    4796c351a43e182f5a424a531dd2b07e262147d3d979ca0606cba611f0ab262f

  • SHA512

    bbd34ddc24a5d735d12e3972a73267821b0ecdaffdaad21b89ef18d8c30315b8b2978315eec56f3a0ddbd884308c296f538e3e540280868b556ce8a4b63c6e9a

  • SSDEEP

    6144:nrWu9SucKFiQObW6tg5ULzrh0GWtLg3F+S6Ua2gtI4BAlSiCApzPj2h5b+pB0P/p:nPcKWK9ULzrhMKza3a4DbAZub+pB0P/T

Score
7/10
discovery

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\Launch.exe
    "C:\Users\Admin\AppData\Local\Temp\Launch.exe"
    1⤵
    • Loads dropped DLL
    • System Location Discovery: System Language Discovery
    PID:1564

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Roaming\msvcp110.dll
    Filesize

    561KB

    MD5

    a317e8041d6fb24650756004d6c70c6a

    SHA1

    1596d794053a23463915994bfecf41aeac966ea1

    SHA256

    e81b38320476b4ee8d3a39d7d13d546fb7fa7689dd47778cdae12460330bd64e

    SHA512

    a63a04fe48e1f02c2d55367cd98d912bd33ff25971ff1b3972baed76589eb5bfbca888e6dc01569bdc2b119a864350d376863c07d682e55145f17e24dadefd3a

    Download Submit

  • memory/1564-0-0x00000000742CE000-0x00000000742CF000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1564-1-0x0000000001380000-0x00000000013DE000-memory.dmp

    Filesize

    376KB

    Download

  • memory/1564-2-0x0000000000220000-0x0000000000226000-memory.dmp

    Filesize

    24KB

    Download

  • memory/1564-7-0x0000000075180000-0x0000000075241000-memory.dmp

    Filesize

    772KB

    Download

  • memory/1564-8-0x00000000742C0000-0x00000000749AE000-memory.dmp

    Filesize

    6.9MB

    Download