Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
118s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20241010-en -
resource tags
-
submitted
13/10/2024, 06:17
General
-
Target
fcf06fcaece19ebb6d61eb82286402e6e4582ca06aaa29b5d11834b77b0c3375.exe
-
Size
14.5MB
-
MD5
00f01fac80189bc146a82c91e76e1d69
-
SHA1
5666bd271867d051069ad5c18fd92c663b4cb306
-
SHA256
fcf06fcaece19ebb6d61eb82286402e6e4582ca06aaa29b5d11834b77b0c3375
-
SHA512
b609586c9ffe9b865a38fd3fae218bf45f83ab44bac481fe9456ed962c195e35eeb58cdbb886f10b3f88d07418be71a6e4844cd9992e55430bf4fd18e8894be4
-
SSDEEP
393216:oCbW8bhZ2YsHFUK2J7XMCHWUj5jx5WsqWxT45xHMrl7/wDYAkO:oCbW89Z2YwUlJ7XMb8ksqAAMhTmMO
Malware Config
Signatures
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\fcf06fcaece19ebb6d61eb82286402e6e4582ca06aaa29b5d11834b77b0c3375.exe"C:\Users\Admin\AppData\Local\Temp\fcf06fcaece19ebb6d61eb82286402e6e4582ca06aaa29b5d11834b77b0c3375.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\fcf06fcaece19ebb6d61eb82286402e6e4582ca06aaa29b5d11834b77b0c3375.exe"C:\Users\Admin\AppData\Local\Temp\fcf06fcaece19ebb6d61eb82286402e6e4582ca06aaa29b5d11834b77b0c3375.exe"2⤵
- Loads dropped DLL
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
6.6MB
MD5166cc2f997cba5fc011820e6b46e8ea7
SHA1d6179213afea084f02566ea190202c752286ca1f
SHA256c045b57348c21f5f810bae60654ae39490846b487378e917595f1f95438f9546
SHA51249d9d4df3d7ef5737e947a56e48505a2212e05fdbcd7b83d689639728639b7fd3be39506d7cfcb7563576ebee879fd305370fdb203909ed9b522b894dd87aacb