Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

f860d476c3...cc.exe

windows7-x64

7

f860d476c3...cc.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    2s
  • max time network
    24s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    29/10/2022, 05:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f860d476c33b474776aa8ccad57e618a814d0a01c58a73b47b8164138fdba0cc.exe

  • Size

    304KB

  • MD5

    a23e7bfb7a8a7864983c4bc0846b3d2b

  • SHA1

    d903c9ff4c3e14ecafc779f3bc6769939ed1191a

  • SHA256

    f860d476c33b474776aa8ccad57e618a814d0a01c58a73b47b8164138fdba0cc

  • SHA512

    01a0d4c462e1e8d700023decc202a018270a7c92e5f1f93ad6a4fc96b5f62a562c5f08c56dd30bac7e6ce05c654a1475dffed27da53b2e93b20c080a7b7e173c

  • SSDEEP

    6144:1rkW9uEo2S1YnQmCX492DkwNP3qpYF4AqqWb+qR9h+uqkNfoM6YV5TmNa1a3SyP4:1rkuu6/eIo4tQW62T+uTwM6YVxm244

Score
7/10
discovery

Malware Config

Signatures

  • Loads dropped DLL 3 IoCs
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\f860d476c33b474776aa8ccad57e618a814d0a01c58a73b47b8164138fdba0cc.exe
    "C:\Users\Admin\AppData\Local\Temp\f860d476c33b474776aa8ccad57e618a814d0a01c58a73b47b8164138fdba0cc.exe"
    1⤵
    • Loads dropped DLL
    PID:1200

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\Tsu1FDF1139.dll
    Filesize

    86KB

    MD5

    dc1bfc2f74118b6d36e01835b67760a9

    SHA1

    17685edb77ba08253ed2c31af7ace9bd80495ceb

    SHA256

    8ac0044606a8ba9c5c596e3744f8ecba3f37f10497a9ab3b5e0da186b3d21b95

    SHA512

    d4786326f098640611a846614e2df181181437fbe46da7f8cc90ba43871cb2456c8ea6634f3bf08ff18ecba9e380034f43dfc9723c086bd440e4e87af5acaff6

    Download Submit

  • \Users\Admin\AppData\Local\Temp\{D8519D5E-D958-46D6-A43D-917A03B2BFA8}\Custom.dll
    Filesize

    73KB

    MD5

    56e4e9e881524397c9f6dca5ca70b1e8

    SHA1

    8ad77bad589591171eb94a593c3814a3b742f79c

    SHA256

    2e6e83c80a887c82c890053f491e0cb24074967b5ae7af7c8c4bcae78af2a22b

    SHA512

    130c83dfc0db281bd7999edc6c295f122ab3ba00c69353daad988866680a6994365874eb29122b8473930d2ba0df58bdfb27eb8897a819f79c8b8e31e6597700

    Download Submit

  • \Users\Admin\AppData\Local\Temp\{D8519D5E-D958-46D6-A43D-917A03B2BFA8}\_Setup.dll
    Filesize

    46KB

    MD5

    8cb8137b6079640a71ca92ce4e1fd05e

    SHA1

    59072b8176e69c43f4fdda5dfe3049d16a4282ca

    SHA256

    b5bc6ba8316df24049e57ce9fb17ffa06d5a59d77e64ea1e9abbf6adf1e05185

    SHA512

    138d6f89cdf7cbba9a352eaf0a9f688845d2db59103ff5a069867a12cdcdfcc1dcf302ccd6e312449211e47ec1342e287836fefb755fc6cedcddbf206b27f72e

    Download Submit

  • memory/1200-55-0x0000000075091000-0x0000000075093000-memory.dmp

    Filesize

    8KB

    Download