Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
118s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
05/11/2024, 20:47
General
-
Target
06b28a3a05f98b3172eee3f990e1e1c3f8d51d68a39f93db09e01fd2c70439d3.exe
-
Size
7.3MB
-
MD5
d99f4643fa07fa48ee5c7e700b0fd033
-
SHA1
139f0f1734c268d9fe5154421ca1d6b6db5ffd4a
-
SHA256
06b28a3a05f98b3172eee3f990e1e1c3f8d51d68a39f93db09e01fd2c70439d3
-
SHA512
18420badfdac5fcd3b9c8d9b5e4cf364f686d59e22ad3ff44b599d40d3750740e06b63b5e4b52c2c2cae07ac244705dc412828dfcda5aff64bb4cc33a3458ab8
-
SSDEEP
196608:Am8PDiLjv+bhqNVoB0SEsucQZ41JBbIg11tdJG:Z8PaL+9qz80SJHQK1JV1vDG
Malware Config
Signatures
-
Loads dropped DLL 1 IoCs
-
UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\06b28a3a05f98b3172eee3f990e1e1c3f8d51d68a39f93db09e01fd2c70439d3.exe"C:\Users\Admin\AppData\Local\Temp\06b28a3a05f98b3172eee3f990e1e1c3f8d51d68a39f93db09e01fd2c70439d3.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\06b28a3a05f98b3172eee3f990e1e1c3f8d51d68a39f93db09e01fd2c70439d3.exe"C:\Users\Admin\AppData\Local\Temp\06b28a3a05f98b3172eee3f990e1e1c3f8d51d68a39f93db09e01fd2c70439d3.exe"2⤵
- Loads dropped DLL
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
1.6MB
MD576eb1ad615ba6600ce747bf1acde6679
SHA1d3e1318077217372653be3947635b93df68156a4
SHA25630be871735591ad96bc3fc7e541cdef474366159c2f7443feb30739cbd2db7e1
SHA5122b960e74dd73f61d6a44fef0de9f2d50bcf2ec856b7aa5b97f0107e3cdadea461790760668a67db2ecaf71ff323133ee39ce2b38aafff3629c14e736d6a64aeb
-
Filesize
5.9MB