Analysis
max time kernel: 91s
max time network: 91s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 06/10/2024, 02:12
Behavioral task
behavioral1
Sample: 02bd1eec3e546850f7cd94a02f323b49e971f3b9afe488efc863ed3068d1e8bcN.exe
Resource: win7-20240903-en
General
Target: 02bd1eec3e546850f7cd94a02f323b49e971f3b9afe488efc863ed3068d1e8bcN.exe
Size: 236KB
MD5: 8a15a19bf6484980420e967ccb4d5bc0
SHA1: a2098d87d501a33dbbf70094a7c3dae180f16a5e
SHA256: 02bd1eec3e546850f7cd94a02f323b49e971f3b9afe488efc863ed3068d1e8bc
SHA512: 2aa87d08a21d5aeb090cb9a506d69a7db9f60c87bc88bd1cdc80c2ef699423b3067bef07b1b077ec3236e467eefd79540b5211e0e97c3f35c80bb85fee6b71bb
SSDEEP: 3072:+J0Bs3o8A4M3riN6MhGkgS3PL6pb9t16n5OkhBOPC/Q/FnncroP9:CwDeM7iNEkgiOb31k1EC+J/F
Malware Config
Signatures
resource    yara_rule
behavioral1/memory/3012-0-0x0000000000400000-0x000000000043B000-memory.dmp    upx
behavioral1/memory/3012-1-0x0000000000400000-0x000000000043B000-memory.dmp    upx
behavioral1/files/0x0005000000004ed7-7.dat    upx
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened
ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: 02bd1eec3e546850f7cd94a02f323b49e971f3b9afe488efc863ed3068d1e8bcN.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 236KB
MD5: b54b9c6b79e433972d4bb439b4fc0dfe
SHA1: 56e69eef138d7fe844fd51333cb5f46a5f9affa0
SHA256: c0779fe0ba3a0b302935c9fd5b722ee584145597c72fa25f64e2e5e2e00515eb
SHA512: 1296a48ee8b24271c47973b189e34acaa26ac1d637f846a8649f9b07a3b546743e3a1142b31f711b38d463521e5e152e118f3e74014115fddd44815a660b96d8