Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

a9fdcb0ec9...86.exe

windows7-x64

7

a9fdcb0ec9...86.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    45s
  • max time network
    50s
  • platform
    windows7_x64
  • resource
    win7-20220901-en
  • resource tags

    arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
  • submitted
    12/10/2022, 18:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a9fdcb0ec9b1a5cb1d78b0dbd19aa8e8750a2ebd90c7eeaf1bc98c72009f1686.exe

  • Size

    282KB

  • MD5

    77bc3a10d2417eb130167b9981a6c701

  • SHA1

    e1377b133330a7aa46c2ea933d92e9e498c1f13f

  • SHA256

    a9fdcb0ec9b1a5cb1d78b0dbd19aa8e8750a2ebd90c7eeaf1bc98c72009f1686

  • SHA512

    c02f92938c6b04f184e86566b395a1f980250e819775e6a5d2a06273fd475f9916d51d5ab47d276623af1efc3aae2f8c6b51ad033f5bef8ed11de3c3c5b6df0d

  • SSDEEP

    6144:hK89q1wDa2Tt0rSYAojx+VKLbAJAjK873t3p1EdFCwMGY:Y8Mia2Tscol+k3AJAjK8XCvCd

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Drops file in System32 directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a9fdcb0ec9b1a5cb1d78b0dbd19aa8e8750a2ebd90c7eeaf1bc98c72009f1686.exe
    "C:\Users\Admin\AppData\Local\Temp\a9fdcb0ec9b1a5cb1d78b0dbd19aa8e8750a2ebd90c7eeaf1bc98c72009f1686.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in System32 directory
    • Suspicious use of SetWindowsHookEx
    PID:1324

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Windows\SysWOW64\sshnas21.dll
    Filesize

    221KB

    MD5

    062c35c8e4b7d7d40dbb0d9a165c6b30

    SHA1

    a0e2c434b04b9811c35f5268bd9a6ed3d6ca0ed2

    SHA256

    bea902f922c64e5ba673cdcaafac649af5848d55c46a96a669bf3e4fd1269e81

    SHA512

    4aa541fd03e20fea72726a338f05ecbc5f9f5675043b18558671ecf05935dc610c81712f44a364306fd4c660d29bcc71d19e318c9905e88d7385e065c4d28801

    Download Submit

  • memory/1324-54-0x0000000075AC1000-0x0000000075AC3000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1324-55-0x0000000000400000-0x0000000000449000-memory.dmp

    Filesize

    292KB

    Download

  • memory/1324-57-0x0000000010000000-0x0000000010065000-memory.dmp

    Filesize

    404KB

    Download

  • memory/1324-58-0x0000000000160000-0x000000000016F000-memory.dmp

    Filesize

    60KB

    Download

  • memory/1324-59-0x0000000000400000-0x0000000000449000-memory.dmp

    Filesize

    292KB

    Download