Resubmissions

16/11/2024, 14:42

241116-r3d8daybme 8

16/11/2024, 14:36

241116-rywxmaskdm 10

Analysis

  • max time kernel
    117s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    16/11/2024, 14:42

General

  • Target

    Unlock_Tool_v2.6.4.rar

  • Size

    49.9MB

  • MD5

    b1a7540cd12701261738fd879efb2779

  • SHA1

    1b3ad97b572045c61003de254d7833cab2391ee8

  • SHA256

    69289808086eba703c638e42fa8f2adbe274b98ec0e3d005b62560e42a9200f0

  • SHA512

    2a5ffac6840e56a2388f16cbbb737789482108fd77658467d55bcbcd49bcc3a13e942b073951cb3470f2cb42495e41b84404bedb2d4d8da33c9313e2fd944e44

  • SSDEEP

    1572864:5HRk6MsvlqSOFhI63C6w1TMZmm+sIoE435lp4kJr2:BVnlxkr3URo+gN5Aks

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs

Processes

  • C:\Program Files\7-Zip\7zFM.exe
    "C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\Unlock_Tool_v2.6.4.rar"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    PID:2800

Network

MITRE ATT&CK Matrix
