Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

BstkDDU.dll

windows7-x64

10

BstkDDU.dll

windows10-2004-x64

10

BstkRT.dll

windows7-x64

10

BstkRT.dll

windows10-2004-x64

10

Factura n�...33.exe

windows7-x64

1

Factura n�...33.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    119s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    18/01/2025, 01:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Factura nº 9194633.exe

  • Size

    1.6MB

  • MD5

    28f954593b46b475f4a38135b0fa5280

  • SHA1

    4ad163cdc14bcb4c25cd6e9881bd1c8c2b18d20d

  • SHA256

    ea789703ffd411a8b7706f230e4f41b531d1beeb49de0b7221095461e33f06b8

  • SHA512

    c9befe00750d25b9755676a988fe11308a03406e85f0e5113e0c89738e4440542fd1dcdaa6ca9144314cb7c4ee0f3e1647b3595d8917e57ffeb2e8b61e455a77

  • SSDEEP

    49152:446QlvaBVVYm+dHcj06ri8aDiR1qS+IqblHo7nYKiUWjPgU9bAd7rmDaMiUffAq4:4fQlSBVVYm+dHcw6ri8aDiR1qS+Iqbl4

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Factura nº 9194633.exe
    "C:\Users\Admin\AppData\Local\Temp\Factura nº 9194633.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2336
    • C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
      "C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe"
      2⤵
        PID:1636

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads