Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

8cc39a2c9b...5c.exe

windows7-x64

8

8cc39a2c9b...5c.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    137s
  • max time network
    175s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    30/10/2022, 14:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8cc39a2c9b54acf6977e855f56d9fc790bdc6141c89cfe6661b5ea737986825c.exe

  • Size

    183KB

  • MD5

    a2a02be77e6b5dc5bee39766c5822ab0

  • SHA1

    9c001921286dcf7d10834549460754aa50176292

  • SHA256

    8cc39a2c9b54acf6977e855f56d9fc790bdc6141c89cfe6661b5ea737986825c

  • SHA512

    2de3e0f2e98a7b48fea21de91a956b31d22086f4c04e7636910b5301ea9dc967a470691ffd8044d0d210654c0a50823e07aa14ca49230882c38e2892b246ae1f

  • SSDEEP

    3072:sdmtrAHFRpxvMDk67fXf4b2IEUKDOp1V6Cc49R/dMMMMMM2MMMMMZ1EDOaDOW:s4UHFnuDk67fe2g18CRRVMMMMMM2MMMc

Score
8/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Windows directory 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Windows\Explorer.EXE
    C:\Windows\Explorer.EXE
    1⤵
      PID:2648
      • C:\Users\Admin\AppData\Local\Temp\8cc39a2c9b54acf6977e855f56d9fc790bdc6141c89cfe6661b5ea737986825c.exe
        "C:\Users\Admin\AppData\Local\Temp\8cc39a2c9b54acf6977e855f56d9fc790bdc6141c89cfe6661b5ea737986825c.exe"
        2⤵
        • Drops file in Windows directory
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious use of WriteProcessMemory
        PID:608
        • C:\Users\Admin\AppData\Local\Temp\8cc39a2c9b54acf6977e855f56d9fc790bdc6141c89cfe6661b5ea737986825c.com
          C:\Users\Admin\AppData\Local\Temp\8cc39a2c9b54acf6977e855f56d9fc790bdc6141c89cfe6661b5ea737986825c.com
          3⤵
          • Executes dropped EXE
          PID:2304

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\8cc39a2c9b54acf6977e855f56d9fc790bdc6141c89cfe6661b5ea737986825c.com
      Filesize

      95KB

      MD5

      ec2fca135b73333ea380f5d85f2f4220

      SHA1

      9f74b406c2ec35276f35d84f9004156a57ce94cd

      SHA256

      f59b59e9c4978cad6dc4cccb4636e40ae6c6d81ab0c3b454bf76f0d49d0e9fae

      SHA512

      a4abf0d859e80b1163c69012323944e0069465500ea90964f90d9fc4f4aa856ec39da311771c83bb99c692f429f598132b243516f001c08424f45a93e4f1a1fc

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\8cc39a2c9b54acf6977e855f56d9fc790bdc6141c89cfe6661b5ea737986825c.com
      Filesize

      95KB

      MD5

      ec2fca135b73333ea380f5d85f2f4220

      SHA1

      9f74b406c2ec35276f35d84f9004156a57ce94cd

      SHA256

      f59b59e9c4978cad6dc4cccb4636e40ae6c6d81ab0c3b454bf76f0d49d0e9fae

      SHA512

      a4abf0d859e80b1163c69012323944e0069465500ea90964f90d9fc4f4aa856ec39da311771c83bb99c692f429f598132b243516f001c08424f45a93e4f1a1fc

      Download Submit