Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

4d47905c0d...11.exe

windows7-x64

8

4d47905c0d...11.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    38s
  • max time network
    41s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    02/10/2022, 15:10 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4d47905c0ddb8fb8b555e137e922fc6a2c940dc6ed639182f99f04587f25e211.exe

  • Size

    594KB

  • MD5

    74cbaf5134ee6cabada5aa172b426770

  • SHA1

    1746bff98f323cc3907912b44422712b100e80fa

  • SHA256

    4d47905c0ddb8fb8b555e137e922fc6a2c940dc6ed639182f99f04587f25e211

  • SHA512

    38a44fa04ce411857abc8e87b368d32a4c0796c7d05cd8424eefb0806c280823858cf19364c62b276482e6e496abd47df49b404d24539a190c52c77186ad9a62

  • SSDEEP

    12288:mX2/U+GngI3xU5eo2BkcNf618kJiRvhbFTqqWF7tQ2Ta4Sw:U28lJxU5eomRNf6BJiPFGq6y2Ta4/

Score
8/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\4d47905c0ddb8fb8b555e137e922fc6a2c940dc6ed639182f99f04587f25e211.exe
    "C:\Users\Admin\AppData\Local\Temp\4d47905c0ddb8fb8b555e137e922fc6a2c940dc6ed639182f99f04587f25e211.exe"
    1⤵
    • Drops file in Program Files directory
    • Suspicious behavior: EnumeratesProcesses
    PID:1960
  • C:\Program Files (x86)\90ucw\shtep.exe
    "C:\Program Files (x86)\90ucw\shtep.exe"
    1⤵
    • Executes dropped EXE
    • Drops file in Program Files directory
    • Suspicious use of WriteProcessMemory
    PID:1368
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      C:\Program Files (x86)\90ucw\shtep.exe
      2⤵
        PID:1388

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Program Files (x86)\90ucw\shtep.exe
      Filesize

      21.6MB

      MD5

      5979d2e144aad1824dd90ea5f018e8c6

      SHA1

      101187eac1a037ab1365cd1c9ef71c4449fca4d2

      SHA256

      51c77be5492d06337f9d1079030d24ed5f99879daee187fa32726c10c1d67288

      SHA512

      d899edc73ffc978a4d5d553ab567acc2f76575a4d3be0dd5b37b9404b9172d3dae29037200f79c81369f6f97253a82178115e8d538ace16901b77f605b6e7092

      Download Submit

    • C:\Program Files (x86)\90ucw\shtep.exe
      Filesize

      21.6MB

      MD5

      5979d2e144aad1824dd90ea5f018e8c6

      SHA1

      101187eac1a037ab1365cd1c9ef71c4449fca4d2

      SHA256

      51c77be5492d06337f9d1079030d24ed5f99879daee187fa32726c10c1d67288

      SHA512

      d899edc73ffc978a4d5d553ab567acc2f76575a4d3be0dd5b37b9404b9172d3dae29037200f79c81369f6f97253a82178115e8d538ace16901b77f605b6e7092

      Download Submit

    • memory/1960-54-0x0000000075451000-0x0000000075453000-memory.dmp

      Filesize

      8KB

      Download

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.