Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
02/12/2024, 12:24 UTC
General
-
Target
7b7be2d0c9f01cc2e74a3f2884d465e98f7a2082c86088a21a5dce008c784d84N.exe
-
Size
6.0MB
-
MD5
32cae03a3349460b1b29c1f78f625680
-
SHA1
362bebb06028d11172208616485756ccc74269c6
-
SHA256
7b7be2d0c9f01cc2e74a3f2884d465e98f7a2082c86088a21a5dce008c784d84
-
SHA512
ee6940aa962d01e7e0a3b96180fd3314f2fc577050923be82b368e090f03ee313c2b3c51bcd4bb45a6820a1653d6029ea911790309f2b02c258ae1db38fcb530
-
SSDEEP
98304:PGEtdFByL7XamaHl3Ne4i3gmtfXJOLhx9fZAzDJ4wzQgsRuGK4RKOnAKFiO6yN:PlFELWeN/FJMIDJf0gsAGK4RRnAKF7JN
Malware Config
Signatures
-
Loads dropped DLL 1 IoCs
-
UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\7b7be2d0c9f01cc2e74a3f2884d465e98f7a2082c86088a21a5dce008c784d84N.exe"C:\Users\Admin\AppData\Local\Temp\7b7be2d0c9f01cc2e74a3f2884d465e98f7a2082c86088a21a5dce008c784d84N.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\7b7be2d0c9f01cc2e74a3f2884d465e98f7a2082c86088a21a5dce008c784d84N.exe"C:\Users\Admin\AppData\Local\Temp\7b7be2d0c9f01cc2e74a3f2884d465e98f7a2082c86088a21a5dce008c784d84N.exe"2⤵
- Loads dropped DLL
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
1.4MB
MD5178a0f45fde7db40c238f1340a0c0ec0
SHA1dcd2d3d14e06da3e8d7dc91a69b5fd785768b5fe
SHA2569fcb5ad15bd33dd72122a171a5d950e8e47ceda09372f25df828010cde24b8ed
SHA5124b790046787e57b9414a796838a026b1530f497a75c8e62d62b56f8c16a0cbedbefad3d4be957bc18379f64374d8d3bf62d3c64b53476c7c5005a7355acd2cee
-
Filesize
4.4MB