Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

8

d26dbf7d20...85.exe

windows7-x64

8

d26dbf7d20...85.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    68s
  • max time network
    133s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    30/10/2022, 19:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d26dbf7d20c7ba411cb17a53d866726f3d490182a877b0802c01ad9944734b85.exe

  • Size

    4.8MB

  • MD5

    4ed37bc3cb635db8a1dc88639201a1b3

  • SHA1

    edf37178b5fa0813fd1ac6668ac55d92a9643f73

  • SHA256

    d26dbf7d20c7ba411cb17a53d866726f3d490182a877b0802c01ad9944734b85

  • SHA512

    dd33e9ddf3d7c14e89e1912d2baf27af374369d1f5e5d9067cd97636a3eee474185d39002585a54262b9657eb1948dd3e2c6bfc6d3bc292cbc5762edf2209901

  • SSDEEP

    98304:vvnuhJ3VlFR8f/4hC0Sj/aUi3Dv1CWBE3ZGdnAWf0/5XpcUW:3nmZ9Sf/p23Dv842Wf0Fe

Score
8/10
upxvmprotect

Malware Config

Signatures

  • UPX packed file 24 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • VMProtect packed file 3 IoCs

    Detects executables packed with VMProtect commercial packer.

    vmprotect
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\d26dbf7d20c7ba411cb17a53d866726f3d490182a877b0802c01ad9944734b85.exe
    "C:\Users\Admin\AppData\Local\Temp\d26dbf7d20c7ba411cb17a53d866726f3d490182a877b0802c01ad9944734b85.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:4844

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4844-132-0x0000000000400000-0x0000000000F19000-memory.dmp

    Filesize

    11.1MB

    Download

  • memory/4844-133-0x0000000000400000-0x0000000000F19000-memory.dmp

    Filesize

    11.1MB

    Download

  • memory/4844-136-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4844-137-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4844-138-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4844-140-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4844-142-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4844-144-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4844-146-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4844-148-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4844-150-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4844-152-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4844-154-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4844-156-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4844-158-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4844-160-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4844-162-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4844-164-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4844-166-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4844-168-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4844-170-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4844-172-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4844-174-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4844-176-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4844-178-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4844-179-0x0000000000400000-0x0000000000F19000-memory.dmp

    Filesize

    11.1MB

    Download

  • memory/4844-180-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

    Download