Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

90ed1454b8...38.exe

windows7-x64

10

90ed1454b8...38.exe

windows10-2004-x64

10

91570920da...cf.exe

windows7-x64

10

91570920da...cf.exe

windows10-2004-x64

7

915c452bf2...b6.exe

windows7-x64

10

915c452bf2...b6.exe

windows10-2004-x64

10

916cd92d3a...38.exe

windows7-x64

10

916cd92d3a...38.exe

windows10-2004-x64

10

916fbe67a7...e3.exe

windows7-x64

10

916fbe67a7...e3.exe

windows10-2004-x64

10

91cce1a9f4...6a.exe

windows7-x64

10

91cce1a9f4...6a.exe

windows10-2004-x64

10

91d2e3f758...f6.exe

windows7-x64

10

91d2e3f758...f6.exe

windows10-2004-x64

10

91d7fa8d89...52.exe

windows7-x64

10

91d7fa8d89...52.exe

windows10-2004-x64

10

91e6d47bd8...cc.exe

windows7-x64

7

91e6d47bd8...cc.exe

windows10-2004-x64

7

92105c7a3b...24.exe

windows7-x64

7

92105c7a3b...24.exe

windows10-2004-x64

7

921421b7f5...09.exe

windows7-x64

10

921421b7f5...09.exe

windows10-2004-x64

10

9221b9eea3...3c.exe

windows7-x64

1

9221b9eea3...3c.exe

windows10-2004-x64

10

92324d5776...05.exe

windows7-x64

1

92324d5776...05.exe

windows10-2004-x64

1

927cd0bd1a...b8.exe

windows7-x64

3

927cd0bd1a...b8.exe

windows10-2004-x64

3

92efd55895...78.exe

windows7-x64

10

92efd55895...78.exe

windows10-2004-x64

10

932a9096cd...eb.exe

windows7-x64

10

932a9096cd...eb.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    148s
  • max time network
    142s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20250314-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20250314-enlocale:en-usos:windows10-2004-x64system
  • submitted
    22/03/2025, 06:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    91e6d47bd804e58a4e160993dfdfc3cc.exe

  • Size

    7.9MB

  • MD5

    91e6d47bd804e58a4e160993dfdfc3cc

  • SHA1

    c273d38db777c882addc54c595e392b587aaa980

  • SHA256

    7480338642edf06769bc62a28e084eb5cd9487868f95543337ebe8a9c32c7093

  • SHA512

    ae0663df09766e33194f844d101f072ecf8af8af4081897256dea24bbce1b3ff38473dbf80d23e7eaf74930f0d42a6b45a80930425cbd43e3e8daade219a2a62

  • SSDEEP

    196608:G9sGLbd7rEWWn87E3QeotSqrG8YqcIXcZZB2:GmqbhrEbn87eZsFmq+6

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 3 IoCs
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\91e6d47bd804e58a4e160993dfdfc3cc.exe
    "C:\Users\Admin\AppData\Local\Temp\91e6d47bd804e58a4e160993dfdfc3cc.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:2956
    • C:\Users\Admin\AppData\Local\Temp\3ZM65l.exe
      QzpcVXNlcnNcQWRtaW5cQXBwRGF0YVxMb2NhbFxUZW1wXDkxZTZkNDdiZDgwNGU1OGE0ZTE2MDk5M2RmZGZjM2NjLmV4ZQ== 38
      2⤵
      • Deletes itself
      • Executes dropped EXE
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious use of AdjustPrivilegeToken
      PID:2248

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\3ZM65l.exe
    Filesize

    7.9MB

    MD5

    60e2f8a3c1bae7b743d511e657f4deff

    SHA1

    6332fdfb010adf74471721cfc0daa4d88dadcd83

    SHA256

    c84607e9496d67711c7dfcdea523c34fdaf689a41b91f9e2f14123f05553474e

    SHA512

    50e7bd6622fdc57e50a4f99bc36b04b5cbf842b2bbbbdea60f6806cdc1dc0eafce4abbd8e4fa195989c9128e6e643737ca56eb9109f547226cd372b32a5105d1

    Download Submit

  • memory/2248-19-0x000001C8F7FD0000-0x000001C8F8008000-memory.dmp

    Filesize

    224KB

    Download

  • memory/2248-20-0x000001C8F7FA0000-0x000001C8F7FAE000-memory.dmp

    Filesize

    56KB

    Download

  • memory/2248-30-0x00007FFB47E90000-0x00007FFB48951000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/2248-29-0x00007FFB47E90000-0x00007FFB48951000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/2248-12-0x00007FFB47E90000-0x00007FFB48951000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/2248-14-0x000001C8DA810000-0x000001C8DBB22000-memory.dmp

    Filesize

    19.1MB

    Download

  • memory/2248-15-0x00007FFB47E90000-0x00007FFB48951000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/2248-16-0x000001C8DC180000-0x000001C8DC188000-memory.dmp

    Filesize

    32KB

    Download

  • memory/2248-27-0x000001C8FC6B0000-0x000001C8FD136000-memory.dmp

    Filesize

    10.5MB

    Download

  • memory/2248-17-0x000001C8DC170000-0x000001C8DC180000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2248-18-0x000001C8F7F50000-0x000001C8F7F58000-memory.dmp

    Filesize

    32KB

    Download

  • memory/2248-25-0x000001C8FC6B0000-0x000001C8FD136000-memory.dmp

    Filesize

    10.5MB

    Download

  • memory/2248-23-0x000001C8FC6B0000-0x000001C8FD136000-memory.dmp

    Filesize

    10.5MB

    Download

  • memory/2248-24-0x00007FFB66230000-0x00007FFB66232000-memory.dmp

    Filesize

    8KB

    Download

  • memory/2956-0-0x00007FFB47E93000-0x00007FFB47E95000-memory.dmp

    Filesize

    8KB

    Download

  • memory/2956-2-0x00007FFB47E90000-0x00007FFB48951000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/2956-13-0x00007FFB47E90000-0x00007FFB48951000-memory.dmp

    Filesize

    10.8MB

    Download

  • memory/2956-1-0x000001EF2EAC0000-0x000001EF2FDD2000-memory.dmp

    Filesize

    19.1MB

    Download