Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

b170532739...48.exe

windows7-x64

7

b170532739...48.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    4s
  • max time network
    63s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    29/10/2022, 04:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b1705327394f18a76cf41063c9541c4c1aabb056fcb47279863758567465e348.exe

  • Size

    316KB

  • MD5

    80192fa48cd84f5d5f0dc1de65e4e33b

  • SHA1

    8a91c9452719d611321fe3c8d88a0c283746b4f8

  • SHA256

    b1705327394f18a76cf41063c9541c4c1aabb056fcb47279863758567465e348

  • SHA512

    0bee7d3ad33f7edb6f87f33132951137d1a2c68c35c06d8934c585cbee907ae844682eb30544599e4830fa5a455555938d5e3093d9d55fd48d72f47f5a15ce6a

  • SSDEEP

    6144:CribUzkuvcBYC47l2xLNaFmoKZLxtHU/TMDkW01eedmQb+xu:Cr7kuveY33FJUo7MDkA6D

Score
7/10
discovery

Malware Config

Signatures

  • Loads dropped DLL 3 IoCs
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\b1705327394f18a76cf41063c9541c4c1aabb056fcb47279863758567465e348.exe
    "C:\Users\Admin\AppData\Local\Temp\b1705327394f18a76cf41063c9541c4c1aabb056fcb47279863758567465e348.exe"
    1⤵
    • Loads dropped DLL
    PID:940

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\Tsu54E1E262.dll
    Filesize

    24KB

    MD5

    abf3d73823271b15ee7655769d7d90a3

    SHA1

    735aa489ac1b222ae6ef6529b140ba415071a231

    SHA256

    f2b73bf2d01aa9967d9969fc2d5aee852198f635f0089aa4c5a70b068ffb572d

    SHA512

    d9f6aad6a0fcc2cb0fcf778890e478f31124d4873a977780a029a79cd014fe7c1872476389cdfa2471af5e4ca2732d8c8dc38a145ed08e22a9b7671bddb7b360

    Download Submit

  • \Users\Admin\AppData\Local\Temp\{79AD2692-EA96-4C23-AEC8-A2B4A24E0464}\Custom.dll
    Filesize

    19KB

    MD5

    b60b48848fe7af7bbee7ad3021f11622

    SHA1

    e7019393f87c3732bdd7fb09f188e6bcd66c363b

    SHA256

    15ba7cfa1cc490a5761aa795cf734bbfdab73599e1fff0cb2f2f41be5ab1c2cc

    SHA512

    7005043a73f598267cdc4b2a96212ec9f0c6b85edb7b1f65f49317f37b9a333782669f68f8f780ee8d4a00ac2f1c9fa7967d364d6bd73d82ab0429ecca50be13

    Download Submit

  • \Users\Admin\AppData\Local\Temp\{79AD2692-EA96-4C23-AEC8-A2B4A24E0464}\_Setup.dll
    Filesize

    23KB

    MD5

    0a193bf28a089847ed759f830c66965a

    SHA1

    58fbead21b986fd07b01061b0ed1d698feee3e60

    SHA256

    d75585ca482632b5dea906c7fc2fe7b10c44c92576bc7ec9cb24835eabfac2c7

    SHA512

    cf74d8ea0584092134c1126205c5600a579cd9b768c1d6d7945e3a03e0c0fcc4c7337d9b9626efe0e55eb4d9b4c609e16f6cdc93d15ff8d780562020e95a1793

    Download Submit

  • memory/940-55-0x00000000756B1000-0x00000000756B3000-memory.dmp

    Filesize

    8KB

    Download