Resubmissions

11/01/2025, 02:58

250111-dgnb9stjep 7

02/01/2025, 11:16

250102-ndlpdayrhs 10

02/01/2025, 11:04

250102-m6qy5aypdz 10

Analysis

  • max time kernel
    16s
  • max time network
    17s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240729-en, locale:en-us, os:windows7-x64, system
  • submitted
    11/01/2025, 02:58

General

  • Target

    yes.png

  • Size

    158KB

  • MD5

    2364ecb2d3966d365806878891a7cc00

  • SHA1

    35c38f9e237a3b942c16f36c90292ade83ab496f

  • SHA256

    aae7699b056e19bc9fd9ba3c5aa7571c2505cdd50108ae71b9d31fc690109c82

  • SHA512

    2b8d46a63b1843cb44516a4632c1f689b25a1e55610762534e875753f98b367c814dc5981d88edb562c21f18d9f5dfa9432f8997ac380af02b79f0ea51357859

  • SSDEEP

    3072:YOSE3N6QqCZNm3HXTu18hI/+g8MWqkPctocnlN7OEMm066SfTwFd6VFc2UTQ:lSENqwNOw8hVF9c2clN6EbUAg3rTQ

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of FindShellTrayWindow 2 IoCs

Processes

  • C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe "C:\Program Files\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen C:\Users\Admin\AppData\Local\Temp\yes.png
    • Suspicious use of FindShellTrayWindow
    PID:2328

Network

MITRE ATT&CK Enterprise v15

Downloads

  • memory/2328-0-0x0000000002030000-0x0000000002031000-memory.dmp

    Filesize

    4KB

  • memory/2328-1-0x0000000002030000-0x0000000002031000-memory.dmp

    Filesize

    4KB