Analysis

  • max time kernel
    165s
  • max time network
    172s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    19/09/2022, 04:53 UTC

General

  • Target

    2c7f0b6e09a164d6bbe7e701b4feacd13d0f575b6a39834e108d1ae71020104d.exe

  • Size

    57KB

  • MD5

    0537cff2e2fc1e183ab5b86440bc5d73

  • SHA1

    8c7f21e22d2cf72f044d694a13db6c2de1f3db95

  • SHA256

    2c7f0b6e09a164d6bbe7e701b4feacd13d0f575b6a39834e108d1ae71020104d

  • SHA512

    f5aa1002e2c67bb582ad67533494e9c2dc848e659cbe353b287516fc5aa20ae18084c86f54c0061d2426e0ada57db2ed710cdd079bea5b467fb060da3fbf1ed0

  • SSDEEP

    1536:qA3mB7j/OmPi55Aebhlx2PmaQsNtdcGL84iAe:qh7zOmKkg4OanNtdvFe

Score
8/10
upx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

Processes

  • C:\Users\Admin\AppData\Local\Temp\2c7f0b6e09a164d6bbe7e701b4feacd13d0f575b6a39834e108d1ae71020104d.exe
    "C:\Users\Admin\AppData\Local\Temp\2c7f0b6e09a164d6bbe7e701b4feacd13d0f575b6a39834e108d1ae71020104d.exe"
    1⤵
      PID:2252

    Network

      No results found
    • 209.197.3.8:80
      260 B
      5
    • 93.184.221.240:80
      322 B
      7
    • 209.197.3.8:80
      260 B
      5
    • 20.52.64.200:443
      322 B
      7
    No results found

    MITRE ATT&CK Enterprise v6

    Downloads

    • memory/2252-132-0x0000000000400000-0x000000000043E000-memory.dmp

      Filesize

      248KB

    • memory/2252-133-0x0000000000400000-0x000000000043E000-memory.dmp

      Filesize

      248KB
