Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    148s
  • max time network
    146s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    17/01/2025, 10:25

General

  • Target

    fuck.exe

  • Size

    481KB

  • MD5

    7163fe5f3a7bcfdeec9a07137838012a

  • SHA1

    3bd90557615ef95e4244bdbaa8e0e7fd949cdd3a

  • SHA256

    5433726d3912a95552d16b72366eae777f5f34587e1bdaa0c518c5fcbc3d8506

  • SHA512

    ea6d91205ed0d53868f44077e1d6db3bf8d6e3607378be22e643df3777120aa36d53e39748e4220dbf1d3355a0b791b9a3e5ddc080018d169c81d7ce0afb6478

  • SSDEEP

    12288:z13ak/mBXTG4/1v08KI7ZnMEF76JqmsvZQqS:5ak/mBXTV/R0nEF76gFZJ

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\fuck.exe
    "C:\Users\Admin\AppData\Local\Temp\fuck.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious use of SetWindowsHookEx
    PID:1736

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\ProgramData\rostad\logs.dat

    Filesize

    184B

    MD5

    169500301346f389398f6b1f20391d8b

    SHA1

    9fae1fda4ce2e18db699c0175262a62211c07753

    SHA256

    aa02367e5870f78d8bce38e2040f2124d41c5b83e2e978fe3ab59342602ca025

    SHA512

    85705a5fbdb5a91ab55dfb19dcd91a9d1b94396e27b4f5d47cc5f73558e6aec4ca098533276bf4a3230dffdfa6ae69053c1184c037d44d49a4ab3f8c9b5afca1