Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
03/02/2025, 14:09
General
-
Target
DurableLauncher.exe
-
Size
10.5MB
-
MD5
3980d879e8cdab01a8c85a98863c2064
-
SHA1
65196c9bb57059f3b8f1f23e2a8f9204051a6473
-
SHA256
1877f5f99c834df6605e2fd22460fa93ce03b87d50e47ba7cb274d856257a159
-
SHA512
ebf991a2e495804c3414e6b70a0720253edd7a8c717a2d57ebcf099814b66b6717a03f4b207cb27701cd5d1415ccac3bd7c6bf0313c733713adae23dead4719f
-
SSDEEP
196608:H0jNSwsCQcSDUhj7237EAMJoOA394I1hKJgYkMAhfpww5vlb2wBsY:yowsCKohf2LEAZO5I1GgYkZ19b/iY
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\DurableLauncher.exe"C:\Users\Admin\AppData\Local\Temp\DurableLauncher.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\onefile_2576_133830653683242000\last.exeC:\Users\Admin\AppData\Local\Temp\DurableLauncher.exe2⤵
- Executes dropped EXE
- Loads dropped DLL
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
15.8MB
MD56adfcfaed8015427390f85628f51a304
SHA1a07005c48969d761d8f686a669fea1550b7b02e9
SHA25612672f0f8b64f4016ee9a95d0bed2907356ff8657aac7a2a1e2fdaeade411a5d
SHA5122314b4ec6881412bf9efcac73c800d5b826432883636a4554504a1326108c41510ef7fe140a4378be55cbb75efc133a434d3dc17545597fa52e3c489bf634a00
-
Filesize
5.5MB
MD59a24c8c35e4ac4b1597124c1dcbebe0f
SHA1f59782a4923a30118b97e01a7f8db69b92d8382a
SHA256a0cf640e756875c25c12b4a38ba5f2772e8e512036e2ac59eb8567bf05ffbfb7
SHA5129d9336bf1f0d3bc9ce4a636a5f4e52c5f9487f51f00614fc4a34854a315ce7ea8be328153812dbd67c45c75001818fa63317eba15a6c9a024fa9f2cab163165b