Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
117s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system -
submitted
16/11/2024, 14:42
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
Unlock_Tool_v2.6.4.rar
Resource
win7-20240903-en
3 signatures
150 seconds
Behavioral task
behavioral2
Sample
Unlock_Tool_v2.6.4.rar
Resource
win10v2004-20241007-en
18 signatures
150 seconds
General
-
Target
Unlock_Tool_v2.6.4.rar
-
Size
49.9MB
-
MD5
b1a7540cd12701261738fd879efb2779
-
SHA1
1b3ad97b572045c61003de254d7833cab2391ee8
-
SHA256
69289808086eba703c638e42fa8f2adbe274b98ec0e3d005b62560e42a9200f0
-
SHA512
2a5ffac6840e56a2388f16cbbb737789482108fd77658467d55bcbcd49bcc3a13e942b073951cb3470f2cb42495e41b84404bedb2d4d8da33c9313e2fd944e44
-
SSDEEP
1572864:5HRk6MsvlqSOFhI63C6w1TMZmm+sIoE435lp4kJr2:BVnlxkr3URo+gN5Aks
Score
1/10
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 2800 7zFM.exe -
Suspicious use of AdjustPrivilegeToken 2 IoCs
description pid Process Token: SeRestorePrivilege 2800 7zFM.exe Token: 35 2800 7zFM.exe -
Suspicious use of FindShellTrayWindow 1 IoCs
pid Process 2800 7zFM.exe