Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

ﱞﱞﱞ�...ﱞﱞ

windows10_x64

8

ﱞﱞﱞ�...ﱞﱞ

windows10_x64

10

ﱞﱞﱞ�...ﱞﱞ

windows10_x64

10

ﱞﱞﱞ�...ﱞﱞ

windows10_x64

10

ﱞﱞﱞ�...ฺฺ

windows10_x64

10

ﱞﱞﱞ�...ฺฺ

windows10_x64

8

ﱞﱞﱞ�...ฺฺ

windows10_x64

10

ﱞﱞﱞ�...ฺฺ

windows10_x64

10

ﱞﱞﱞ�...ﱞﱞ

windows10_x64

10

ﱞﱞﱞ�...ﱞﱞ

windows10_x64

10

ﱞﱞﱞ�...ﱞﱞ

windows10_x64

10

ﱞﱞﱞ�...ﱞﱞ

windows10_x64

8

ﱞﱞﱞ�...ﱞﱞ

windows10_x64

10

ﱞﱞﱞ�...ﱞﱞ

windows10_x64

8

ﱞﱞﱞ�...ﱞﱞ

windows10_x64

10

ﱞﱞﱞ�...ﱞﱞ

windows10_x64

8

ﱞﱞﱞ�...ﱞﱞ

windows7_x64

10

ﱞﱞﱞ�...ﱞﱞ

windows7_x64

10

ﱞﱞﱞ�...ﱞﱞ

windows7_x64

10

ﱞﱞﱞ�...ﱞﱞ

windows7_x64

10

win102

windows10_x64

10

win102

windows10_x64

8

win102

windows10_x64

8

win102

windows10_x64

10

win104

windows10_x64

8

win104

windows10_x64

10

win104

windows10_x64

8

win104

windows10_x64

10

win105

windows10_x64

10

win105

windows10_x64

8

win105

windows10_x64

8

win105

windows10_x64

8

Resubmissions

12/11/2024, 01:29 UTC

241112-bwgrxs1gnf 10

08/07/2021, 12:18 UTC

210708-8z6d5h8z2n 10

06/07/2021, 17:53 UTC

210706-g6we6sa7sa 10

19/06/2021, 18:17 UTC

210619-vr8bj2dzfn 10

17/06/2021, 21:39 UTC

210617-a9cvlnmrbx 10

11/06/2021, 17:26 UTC

210611-wvab1yw2tj 10

08/06/2021, 06:47 UTC

210608-qrbpch3y46 10

08/06/2021, 06:47 UTC

210608-64tndgm1ln 10

05/06/2021, 18:40 UTC

210605-cd6qpr55sx 10

04/06/2021, 11:56 UTC

210604-5c416rs3ns 10

Analysis

  • max time kernel
    1742s
  • max time network
    1754s
  • platform
    windows10_x64
  • resource
    win10v20210408
  • submitted
    16/05/2021, 10:08 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Install.exe

  • Size

    497KB

  • MD5

    41a5f4fd1ea7cac4aa94a87aebccfef0

  • SHA1

    0d0abf079413a4c773754bf4fda338dc5b9a8ddc

  • SHA256

    97e95e99fd499ec45a7c1d8683d5731ce5e7a8fb8b710622e578cd169a00d8d9

  • SHA512

    5ca14bda498f26efff4e1179969b8f2c25244063c7bf25f3ec20b5cd24b5be320bbfb8b3d0b2d66f5c5b415da777a766fece5f251a4247773c6cb991417fb75f

Score
8/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Install.exe
    "C:\Users\Admin\AppData\Local\Temp\Install.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:624
    • C:\Users\Admin\AppData\Local\Temp\is-681LA.tmp\Install.tmp
      "C:\Users\Admin\AppData\Local\Temp\is-681LA.tmp\Install.tmp" /SL5="$301E6,235791,152064,C:\Users\Admin\AppData\Local\Temp\Install.exe"
      2⤵
      • Executes dropped EXE
      • Loads dropped DLL
      PID:3576

Network

  • flag-unknown
    DNS
    global-sc-ltd.com
    Install.tmp
    Remote address:
    8.8.8.8:53
    Request
    global-sc-ltd.com
    IN A
  • flag-unknown
    DNS
    global-sc-ltd.com
    Install.tmp
    Remote address:
    8.8.8.8:53
    Request
    global-sc-ltd.com
    IN A
  • flag-unknown
    DNS
    global-sc-ltd.com
    Install.tmp
    Remote address:
    8.8.8.8:53
    Request
    global-sc-ltd.com
    IN A
  • flag-unknown
    DNS
    global-sc-ltd.com
    Install.tmp
    Remote address:
    8.8.8.8:53
    Request
    global-sc-ltd.com
    IN A
  • flag-unknown
    DNS
    global-sc-ltd.com
    Install.tmp
    Remote address:
    8.8.8.8:53
    Request
    global-sc-ltd.com
    IN A
  • flag-unknown
    DNS
    global-sc-ltd.com
    Install.tmp
    Remote address:
    8.8.8.8:53
    Request
    global-sc-ltd.com
    IN A
  • flag-unknown
    DNS
    global-sc-ltd.com
    Install.tmp
    Remote address:
    8.8.8.8:53
    Request
    global-sc-ltd.com
    IN A
  • flag-unknown
    DNS
    global-sc-ltd.com
    Install.tmp
    Remote address:
    8.8.8.8:53
    Request
    global-sc-ltd.com
    IN A
  • flag-unknown
    DNS
    global-sc-ltd.com
    Install.tmp
    Remote address:
    8.8.8.8:53
    Request
    global-sc-ltd.com
    IN A
  • flag-unknown
    DNS
    global-sc-ltd.com
    Install.tmp
    Remote address:
    8.8.8.8:53
    Request
    global-sc-ltd.com
    IN A
No results found
  • 8.8.8.8:53
    global-sc-ltd.com
    dns
    Install.tmp
    315 B
     5

    DNS Request

    global-sc-ltd.com

    DNS Request

    global-sc-ltd.com

    DNS Request

    global-sc-ltd.com

    DNS Request

    global-sc-ltd.com

    DNS Request

    global-sc-ltd.com

  • 8.8.8.8:53
    global-sc-ltd.com
    dns
    Install.tmp
    315 B
     5

    DNS Request

    global-sc-ltd.com

    DNS Request

    global-sc-ltd.com

    DNS Request

    global-sc-ltd.com

    DNS Request

    global-sc-ltd.com

    DNS Request

    global-sc-ltd.com

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/624-114-0x0000000000400000-0x000000000042B000-memory.dmp

    Filesize

    172KB

    Download

  • memory/3576-119-0x00000000001F0000-0x00000000001F1000-memory.dmp

    Filesize

    4KB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.