Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
119s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system -
submitted
13/10/2024, 10:09
Behavioral task
behavioral1
Sample
cd93f0f00d9e810def31ac059c6167ea0d1028c5d56c00bd0403ee656e57ffaeN.exe
Resource
win7-20240903-en
General
-
Target
cd93f0f00d9e810def31ac059c6167ea0d1028c5d56c00bd0403ee656e57ffaeN.exe
-
Size
236KB
-
MD5
6765c9382e7414f472b9d070a0727780
-
SHA1
9e86c86cc83161842653f438215a18b9837b7cde
-
SHA256
cd93f0f00d9e810def31ac059c6167ea0d1028c5d56c00bd0403ee656e57ffae
-
SHA512
df86b57469518a46ee92c43e736ce145b90750e23b02e23e0f6da7400be5b97a79c2d8d436ad261b4addcdc6b82edf0b90631c1fc3ef1986f8f5a1dad20e9a4e
-
SSDEEP
3072:4J0Bs3o8A4M3riN6MhGkgS3PL6pb9t16n5OkhBOPC/p/FnncroP9:8wDeM7iNEkgiOb31k1EC1J/F
Malware Config
Signatures
-
resource yara_rule behavioral1/memory/1076-0-0x0000000000400000-0x000000000043B000-memory.dmp upx behavioral1/memory/1076-1-0x0000000000400000-0x000000000043B000-memory.dmp upx behavioral1/files/0x0005000000004ed7-7.dat upx -
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language cd93f0f00d9e810def31ac059c6167ea0d1028c5d56c00bd0403ee656e57ffaeN.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
236KB
MD58d932a897df2a6a0998e07313369bde7
SHA1f6a220c1d8f2f31291382a3df7558b1a44aab46f
SHA256822f098b1a87c0a988600e09314596368ffbf01769fa1ae23c541c1b26d050d5
SHA512409ced1675f035c4139602aec1e99239fad706e87cdee27483704ee4a5a197a277707b4254c2507a6d1fcab2ceb8710c1c967b0e2941d90c1619ce91bbbce9a8