Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

9bd5a3b0ae...96.exe

windows7-x64

9

9bd5a3b0ae...96.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    142s
  • max time network
    169s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    29/10/2022, 22:16 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9bd5a3b0ae38688f7b6b97a26330aef58dbd7dc860a54002b39ca46117fa2e96.exe

  • Size

    384KB

  • MD5

    847f102c6a1890f14706f096f210e210

  • SHA1

    a3d3f5f3a72a1406dc0f329d26bfdb9ead44d9c6

  • SHA256

    9bd5a3b0ae38688f7b6b97a26330aef58dbd7dc860a54002b39ca46117fa2e96

  • SHA512

    36dbbc2bb399af533ed927abd8e2a83ec75fa3769b6f10d2a97d1ab91616ff267e333034f8d4fd5875210945cc81333f7b98a3af21588a85e48e532541f8aca3

  • SSDEEP

    12288:Gw0cYaTDNOjqUdi00ZWjBp5szpqPUTu8yC6S:GRtafNOjqUE00yBp5a0UTt6S

Score
9/10
evasion

Malware Config

Signatures

  • Checks for common network interception software 1 TTPs

    Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.

    evasion
  • Enumerates VirtualBox registry keys 2 TTPs 1 IoCs
    evasion
  • Suspicious behavior: EnumeratesProcesses 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\9bd5a3b0ae38688f7b6b97a26330aef58dbd7dc860a54002b39ca46117fa2e96.exe
    "C:\Users\Admin\AppData\Local\Temp\9bd5a3b0ae38688f7b6b97a26330aef58dbd7dc860a54002b39ca46117fa2e96.exe"
    1⤵
    • Enumerates VirtualBox registry keys
    • Suspicious behavior: EnumeratesProcesses
    PID:1016

Network

    No results found
  • 98.142.243.62:80
    9bd5a3b0ae38688f7b6b97a26330aef58dbd7dc860a54002b39ca46117fa2e96.exe
    152 B
     3
  • 65.98.83.116:80
    9bd5a3b0ae38688f7b6b97a26330aef58dbd7dc860a54002b39ca46117fa2e96.exe
    152 B
     3
  • 65.98.83.116:80
    9bd5a3b0ae38688f7b6b97a26330aef58dbd7dc860a54002b39ca46117fa2e96.exe
    152 B
     3
  • 80.72.37.21:80
    9bd5a3b0ae38688f7b6b97a26330aef58dbd7dc860a54002b39ca46117fa2e96.exe
    152 B
     3
  • 80.72.37.21:80
    9bd5a3b0ae38688f7b6b97a26330aef58dbd7dc860a54002b39ca46117fa2e96.exe
    152 B
     3
  • 98.142.243.62:80
    9bd5a3b0ae38688f7b6b97a26330aef58dbd7dc860a54002b39ca46117fa2e96.exe
    104 B
     2
No results found

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1016-54-0x0000000000020000-0x0000000000024000-memory.dmp

    Filesize

    16KB

    Download

  • memory/1016-55-0x0000000000020000-0x0000000000024000-memory.dmp

    Filesize

    16KB

    Download

  • memory/1016-56-0x0000000000020000-0x0000000000023000-memory.dmp

    Filesize

    12KB

    Download

  • memory/1016-57-0x00000000764D1000-0x00000000764D3000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1016-58-0x0000000000400000-0x000000000049D000-memory.dmp

    Filesize

    628KB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.