Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

install_me_please.exe

windows7-x64

7

install_me_please.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    41s
  • max time network
    44s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    08/09/2022, 04:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    install_me_please.exe

  • Size

    7.7MB

  • MD5

    ea5e91f6de068724a2cc3c178d693139

  • SHA1

    7ed32b495a3deb0a91dfb3d23eea74aded475351

  • SHA256

    d5d7bc96ee2e5065045a44fc6cf9125c3bd0cfd22387aa293931a28b0b0af3db

  • SHA512

    e438d2a7d3aae8d7514b022904a4657454c7207b85df1b4c79537403c2df374109b4f40bffb2275fd495533955ba095d8ea840e0d77352ec304990490c6ae525

  • SSDEEP

    196608:Wwx75kICteEroXxWVfEqlbkkwR7VTEUpGHiV5/jC03xh:rCInEroXgfEqirRRoUpGHiP/ewh

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\install_me_please.exe
    "C:\Users\Admin\AppData\Local\Temp\install_me_please.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1504
    • C:\Users\Admin\AppData\Local\Temp\install_me_please.exe
      "C:\Users\Admin\AppData\Local\Temp\install_me_please.exe"
      2⤵
      • Loads dropped DLL
      PID:1284

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI15042\api-ms-win-core-file-l1-2-0.dll
    Filesize

    20KB

    MD5

    95fc810f959d96c61f6f9253127bff71

    SHA1

    8fc9c9734c403b0b84bc179959981aa091c17099

    SHA256

    5fb473086e44333037e8d1caf6b8d28de65456dd857ae5b8b4e19c8ade503805

    SHA512

    349cf1abe86cf719e3133dfeaac49653178c06749745263bb166ee05b3d68011d673027976869a5d6b2982f789e826867dd5436965a95d0a5165bea151db28a6

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI15042\api-ms-win-core-localization-l1-2-0.dll
    Filesize

    20KB

    MD5

    03a206acd8506a98e0739ce47e01b953

    SHA1

    e31aadf5311edb2ec94a1ed6626530e113dfae4f

    SHA256

    17c5b3baa666e84ee40672322bd7d7e358d245e1654bd002c4a3e69b6506d9f6

    SHA512

    affffe086058ffea5bfe7b4cf6aca351ec85e314b3e8be5d47e3b9ca59c3460561a0c9ccba0f1464dc4586d6c9eb6595fb7515ca7b3347283162d9e8206688df

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI15042\api-ms-win-core-processthreads-l1-1-1.dll
    Filesize

    20KB

    MD5

    b27eeb752278d9b29bcb85b9e21dffce

    SHA1

    cd4e423db7965af1977ccd9af15c6c57875fab7c

    SHA256

    1a9353d63287fccea1c4c25477e53b0e7ab3486a041126889394095e72de2cfc

    SHA512

    91c0edf007f28a62c291174bf8c8d16db8f9e250976994ca608186aec668d4febe9dccb5fd8cfecdaf6323eebb20652696223ab6e458938a9a26533585a3e4a8

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI15042\api-ms-win-core-timezone-l1-1-0.dll
    Filesize

    20KB

    MD5

    f1c33921470337eda023dee2bba77806

    SHA1

    f5141609be944e521631cb9c8c81f809e6f0942a

    SHA256

    7821beadeab01bb8ab3712b896b092786d85e7a220ef35149092db431895871b

    SHA512

    d3131b9a011083b469ce05a3b4241e7b366ced42240ea429fbbe3770ee9073c532aee2fa8c206e6b579d26dbb838efd5ab84d4dfa8b4ed106bc9b42dc05c35e3

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI15042\python39.dll
    Filesize

    4.3MB

    MD5

    7e9d14aa762a46bb5ebac14fbaeaa238

    SHA1

    a5d90a7df9b90bdd8a84d7dc5066e4ea64ceb3d9

    SHA256

    e456ef44b261f895a01efb52d26c7a0c7d7d465b647a7b5592708ebf693f12a3

    SHA512

    280f16348df1c0953bbc6f37ff277485351171d0545ebe469bacd106d907917f87584154aec0f193f37322bc93ac5433cd9a5b5c7f47367176e5a8b19bbd5023

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI15042\ucrtbase.dll
    Filesize

    1.1MB

    MD5

    bfaa5c95ea3b7d9348cb82d2f83a2e46

    SHA1

    dad86aebb021e5c7d0de59ac2411e64e8e902792

    SHA256

    d8d111bed34953e6893a355fb178e7ac38afdaf197d2d684c8bc5549ff245fb5

    SHA512

    960738979c670557bb343970679279dfe2e514fa0bd44d8be23e568d1db8784b04a9cdc051aba5a8f431696643fa56a9fa7b97967a1932cf871e33376937a018

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI15042\api-ms-win-core-file-l1-2-0.dll
    Filesize

    20KB

    MD5

    95fc810f959d96c61f6f9253127bff71

    SHA1

    8fc9c9734c403b0b84bc179959981aa091c17099

    SHA256

    5fb473086e44333037e8d1caf6b8d28de65456dd857ae5b8b4e19c8ade503805

    SHA512

    349cf1abe86cf719e3133dfeaac49653178c06749745263bb166ee05b3d68011d673027976869a5d6b2982f789e826867dd5436965a95d0a5165bea151db28a6

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI15042\api-ms-win-core-localization-l1-2-0.dll
    Filesize

    20KB

    MD5

    03a206acd8506a98e0739ce47e01b953

    SHA1

    e31aadf5311edb2ec94a1ed6626530e113dfae4f

    SHA256

    17c5b3baa666e84ee40672322bd7d7e358d245e1654bd002c4a3e69b6506d9f6

    SHA512

    affffe086058ffea5bfe7b4cf6aca351ec85e314b3e8be5d47e3b9ca59c3460561a0c9ccba0f1464dc4586d6c9eb6595fb7515ca7b3347283162d9e8206688df

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI15042\api-ms-win-core-processthreads-l1-1-1.dll
    Filesize

    20KB

    MD5

    b27eeb752278d9b29bcb85b9e21dffce

    SHA1

    cd4e423db7965af1977ccd9af15c6c57875fab7c

    SHA256

    1a9353d63287fccea1c4c25477e53b0e7ab3486a041126889394095e72de2cfc

    SHA512

    91c0edf007f28a62c291174bf8c8d16db8f9e250976994ca608186aec668d4febe9dccb5fd8cfecdaf6323eebb20652696223ab6e458938a9a26533585a3e4a8

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI15042\api-ms-win-core-timezone-l1-1-0.dll
    Filesize

    20KB

    MD5

    f1c33921470337eda023dee2bba77806

    SHA1

    f5141609be944e521631cb9c8c81f809e6f0942a

    SHA256

    7821beadeab01bb8ab3712b896b092786d85e7a220ef35149092db431895871b

    SHA512

    d3131b9a011083b469ce05a3b4241e7b366ced42240ea429fbbe3770ee9073c532aee2fa8c206e6b579d26dbb838efd5ab84d4dfa8b4ed106bc9b42dc05c35e3

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI15042\python39.dll
    Filesize

    4.3MB

    MD5

    7e9d14aa762a46bb5ebac14fbaeaa238

    SHA1

    a5d90a7df9b90bdd8a84d7dc5066e4ea64ceb3d9

    SHA256

    e456ef44b261f895a01efb52d26c7a0c7d7d465b647a7b5592708ebf693f12a3

    SHA512

    280f16348df1c0953bbc6f37ff277485351171d0545ebe469bacd106d907917f87584154aec0f193f37322bc93ac5433cd9a5b5c7f47367176e5a8b19bbd5023

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI15042\ucrtbase.dll
    Filesize

    1.1MB

    MD5

    bfaa5c95ea3b7d9348cb82d2f83a2e46

    SHA1

    dad86aebb021e5c7d0de59ac2411e64e8e902792

    SHA256

    d8d111bed34953e6893a355fb178e7ac38afdaf197d2d684c8bc5549ff245fb5

    SHA512

    960738979c670557bb343970679279dfe2e514fa0bd44d8be23e568d1db8784b04a9cdc051aba5a8f431696643fa56a9fa7b97967a1932cf871e33376937a018

    Download Submit