Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

7e1e85f45b...cd.exe

windows7-x64

10

7e1e85f45b...cd.exe

windows10-2004-x64

10

7e1e85f45b...cd.exe

windows10-ltsc 2021-x64

10

7e1e85f45b...cd.exe

windows11-21h2-x64

3

Resubmissions

11/11/2024, 20:42 UTC

241111-zg1hgsyqfq 10

08/08/2021, 02:50 UTC

210808-7yj2chx77s 10

Analysis

  • max time kernel
    147s
  • max time network
    151s
  • platform
    windows11-21h2_x64
  • resource
    win11-20241007-en
  • resource tags

    arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    11/11/2024, 20:42 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7e1e85f45b5af0c11a6f55bbbc8b4f7062a82df441b85563b6d6c4c47c3988cd.exe

  • Size

    307KB

  • MD5

    0a7d739d28b5c574cbbd63d9f5a1d74a

  • SHA1

    6a412871b87383fb43c6e781228f6a5a83d29dc5

  • SHA256

    7e1e85f45b5af0c11a6f55bbbc8b4f7062a82df441b85563b6d6c4c47c3988cd

  • SHA512

    81677276f0712cc7ae564804eadabb18028e59521ada30b1291a122f7e6e17a3989ae4f7cca0ed22abba0b8a02daaaa55daf4286a4cd5d5c925166128eabf6d6

  • SSDEEP

    6144:W8qB3ybygTJ/ymlrwu4gZYFoWDPrRgnjTwa/RxJg:W8lWmNccWHRoY

Score
3/10
discovery

Malware Config

Signatures

  • Program crash 1 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\7e1e85f45b5af0c11a6f55bbbc8b4f7062a82df441b85563b6d6c4c47c3988cd.exe
    "C:\Users\Admin\AppData\Local\Temp\7e1e85f45b5af0c11a6f55bbbc8b4f7062a82df441b85563b6d6c4c47c3988cd.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:4088
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 4088 -s 300
      2⤵
      • Program crash
      PID:5032
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 436 -p 4088 -ip 4088
    1⤵
      PID:2020

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4088-1-0x0000000002EB0000-0x0000000002FB0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/4088-2-0x0000000004AD0000-0x0000000004AFF000-memory.dmp

      Filesize

      188KB

      Download

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.