Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1df5093bac...8d.exe

windows7-x64

7

1df5093bac...8d.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    9s
  • max time network
    21s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    29/10/2022, 08:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1df5093bacf4e7d5e1d056cde08d1d18c0ecd0c2426e3ebc2548161de55b9d8d.exe

  • Size

    313KB

  • MD5

    e7b1312915de0b2e1043da8498fede7f

  • SHA1

    974db5398d35350722558fe4dc425a9d347fae71

  • SHA256

    1df5093bacf4e7d5e1d056cde08d1d18c0ecd0c2426e3ebc2548161de55b9d8d

  • SHA512

    d81b93bb95d7e56434693feac7f5fc6b0bd81dd5f27288919b0fe7ac8fb0e83eef6c06ecda9f7191ff57bae180c94dab98971285ffe06f23a232b1c8ad6974e7

  • SSDEEP

    6144:krK9uEo2S1YnQmCX492DkwNP3qpYFtcM7dZssr+Ixf6LuDTKD2ay9KGYG0Lq:kryu6/eIo4vMResyEf0uP9d9UG0q

Score
7/10
discovery

Malware Config

Signatures

  • Loads dropped DLL 3 IoCs
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\1df5093bacf4e7d5e1d056cde08d1d18c0ecd0c2426e3ebc2548161de55b9d8d.exe
    "C:\Users\Admin\AppData\Local\Temp\1df5093bacf4e7d5e1d056cde08d1d18c0ecd0c2426e3ebc2548161de55b9d8d.exe"
    1⤵
    • Loads dropped DLL
    PID:2988

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\Tsu25C5F176.dll
    Filesize

    67KB

    MD5

    8ac86f79625fe406a1ef83d9ce9bb446

    SHA1

    453147f1ef7e91dc773a5f1887998aa59f29f494

    SHA256

    4b8a968c212c634e261d3c62d5bd1375da96e7b83039e72c233bde15e0021790

    SHA512

    340f2dcacefc7e8f98f441d0aa48f8614edd57c6fb3df1e69444ab581eb15351fa2eb6017a7629d9e2ff47d8314de11b2661b11863549177b64b0009050add44

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\{D4F30DED-408D-44A3-A648-08AF0F102F1B}\Custom.dll
    Filesize

    26KB

    MD5

    0b156e528e6ae4ffe787b780b9444f91

    SHA1

    2a102624dcdab4dab373efbebb36b56223f0511e

    SHA256

    a9ace197e378fdd8ba970bc185a7f8eb6f15ad94108cbc741e72e995a8ca8a80

    SHA512

    f2e43d2bf34d0bd2edf8b6295bbe35ad85d209bd7b1dd5f169bba30e4ee0df23c89e0b3b6879984a1589954f8e711bc744d590d807afc9b535a4ca364ed88445

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\{D4F30DED-408D-44A3-A648-08AF0F102F1B}\_Setup.dll
    Filesize

    34KB

    MD5

    30f7b2a25fa5c029471daff3afae064a

    SHA1

    81f74f52be70624e4db240050c496fe392659a31

    SHA256

    193a32317c761e2034676ccafeecf3bbb2a5dee2ac5e2418cbb6ad0a052c7598

    SHA512

    7c3dea63f674a36c9b081c43a2f5020dc4efaa2312cea2a6f770d31b7a79c051aaa65d91ca26dc0d9876ba78612c8c9be1761e90c01aa23a3c34c85b46c79d6c

    Download Submit