Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

d3023f6608...ae.exe

windows7-x64

8

d3023f6608...ae.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    96s
  • max time network
    101s
  • platform
    windows7_x64
  • resource
    win7-20220901-en
  • resource tags

    arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
  • submitted
    06/11/2022, 07:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d3023f6608edbf3ff84be793a4788afca82ab09d45c4aae1a35c8b5439ffe3ae.exe

  • Size

    808KB

  • MD5

    2276dda5e5b862ec85ebb5c26c17cd70

  • SHA1

    107dcd6e1fbe6dd9ab5cc7a7b241ad0998c583d4

  • SHA256

    d3023f6608edbf3ff84be793a4788afca82ab09d45c4aae1a35c8b5439ffe3ae

  • SHA512

    d94771551217cbe91cb3965b51dc6cb4cbd3b89fffeb9bb68a276334535b36505d225440f1d7a888cc66d0fc68b7451f17baaed59e76eb2171e5780a3f3c6123

  • SSDEEP

    6144:QA6vdUNIPcmmmRm4EG76adSNc/B9XgGJ2F2SrzzzzA:VMEmREGO8oc/B9QA1

Score
8/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 5 IoCs
  • Suspicious use of FindShellTrayWindow 3 IoCs
  • Suspicious use of SendNotifyMessage 3 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\d3023f6608edbf3ff84be793a4788afca82ab09d45c4aae1a35c8b5439ffe3ae.exe
    "C:\Users\Admin\AppData\Local\Temp\d3023f6608edbf3ff84be793a4788afca82ab09d45c4aae1a35c8b5439ffe3ae.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:1228
    • C:\Users\Admin\AppData\Local\Temp\new_hhh258.exe_E0CE4CB668B26FCF6526740CF49A3AF5B9E9FEB4.exe
      "C:\Users\Admin\AppData\Local\Temp\new_hhh258.exe_E0CE4CB668B26FCF6526740CF49A3AF5B9E9FEB4.exe"
      2⤵
      • Executes dropped EXE
      • Loads dropped DLL
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      PID:2032

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\new_hhh258.exe_E0CE4CB668B26FCF6526740CF49A3AF5B9E9FEB4.exe
    Filesize

    252KB

    MD5

    251ab27eb6eaa523df20f68b2c2c2628

    SHA1

    b319d0984b27a9fef399111ee79ed9cbf10f6cae

    SHA256

    99937cd0c019d1935340463fecc5ee45ac083faf61661267a9c516c4edb1f6ca

    SHA512

    582f92245306e2d89638b4491e62b78bc938300f6aef8f2b9740515eaf499fefc549d49449e9ffc4cbb0128735bec193bdc45c0b3c7cdbff1fa4326a1e8663d2

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\new_hhh258.exe_E0CE4CB668B26FCF6526740CF49A3AF5B9E9FEB4.exe
    Filesize

    252KB

    MD5

    251ab27eb6eaa523df20f68b2c2c2628

    SHA1

    b319d0984b27a9fef399111ee79ed9cbf10f6cae

    SHA256

    99937cd0c019d1935340463fecc5ee45ac083faf61661267a9c516c4edb1f6ca

    SHA512

    582f92245306e2d89638b4491e62b78bc938300f6aef8f2b9740515eaf499fefc549d49449e9ffc4cbb0128735bec193bdc45c0b3c7cdbff1fa4326a1e8663d2

    Download Submit

  • \Users\Admin\AppData\Local\Temp\new_hhh258.exe_E0CE4CB668B26FCF6526740CF49A3AF5B9E9FEB4.exe
    Filesize

    252KB

    MD5

    251ab27eb6eaa523df20f68b2c2c2628

    SHA1

    b319d0984b27a9fef399111ee79ed9cbf10f6cae

    SHA256

    99937cd0c019d1935340463fecc5ee45ac083faf61661267a9c516c4edb1f6ca

    SHA512

    582f92245306e2d89638b4491e62b78bc938300f6aef8f2b9740515eaf499fefc549d49449e9ffc4cbb0128735bec193bdc45c0b3c7cdbff1fa4326a1e8663d2

    Download Submit

  • \Users\Admin\AppData\Local\Temp\new_hhh258.exe_E0CE4CB668B26FCF6526740CF49A3AF5B9E9FEB4.exe
    Filesize

    252KB

    MD5

    251ab27eb6eaa523df20f68b2c2c2628

    SHA1

    b319d0984b27a9fef399111ee79ed9cbf10f6cae

    SHA256

    99937cd0c019d1935340463fecc5ee45ac083faf61661267a9c516c4edb1f6ca

    SHA512

    582f92245306e2d89638b4491e62b78bc938300f6aef8f2b9740515eaf499fefc549d49449e9ffc4cbb0128735bec193bdc45c0b3c7cdbff1fa4326a1e8663d2

    Download Submit

  • \Users\Admin\AppData\Local\Temp\new_hhh258.exe_E0CE4CB668B26FCF6526740CF49A3AF5B9E9FEB4.exe
    Filesize

    252KB

    MD5

    251ab27eb6eaa523df20f68b2c2c2628

    SHA1

    b319d0984b27a9fef399111ee79ed9cbf10f6cae

    SHA256

    99937cd0c019d1935340463fecc5ee45ac083faf61661267a9c516c4edb1f6ca

    SHA512

    582f92245306e2d89638b4491e62b78bc938300f6aef8f2b9740515eaf499fefc549d49449e9ffc4cbb0128735bec193bdc45c0b3c7cdbff1fa4326a1e8663d2

    Download Submit

  • \Users\Admin\AppData\Local\Temp\new_hhh258.exe_E0CE4CB668B26FCF6526740CF49A3AF5B9E9FEB4.exe
    Filesize

    252KB

    MD5

    251ab27eb6eaa523df20f68b2c2c2628

    SHA1

    b319d0984b27a9fef399111ee79ed9cbf10f6cae

    SHA256

    99937cd0c019d1935340463fecc5ee45ac083faf61661267a9c516c4edb1f6ca

    SHA512

    582f92245306e2d89638b4491e62b78bc938300f6aef8f2b9740515eaf499fefc549d49449e9ffc4cbb0128735bec193bdc45c0b3c7cdbff1fa4326a1e8663d2

    Download Submit

  • \Users\Admin\AppData\Local\Temp\new_hhh258.exe_E0CE4CB668B26FCF6526740CF49A3AF5B9E9FEB4.exe
    Filesize

    252KB

    MD5

    251ab27eb6eaa523df20f68b2c2c2628

    SHA1

    b319d0984b27a9fef399111ee79ed9cbf10f6cae

    SHA256

    99937cd0c019d1935340463fecc5ee45ac083faf61661267a9c516c4edb1f6ca

    SHA512

    582f92245306e2d89638b4491e62b78bc938300f6aef8f2b9740515eaf499fefc549d49449e9ffc4cbb0128735bec193bdc45c0b3c7cdbff1fa4326a1e8663d2

    Download Submit

  • memory/1228-54-0x0000000075A11000-0x0000000075A13000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1228-65-0x0000000000400000-0x0000000000450000-memory.dmp

    Filesize

    320KB

    Download

  • memory/1228-66-0x0000000000840000-0x0000000000890000-memory.dmp

    Filesize

    320KB

    Download

  • memory/1228-67-0x0000000000840000-0x0000000000890000-memory.dmp

    Filesize

    320KB

    Download

  • memory/2032-60-0x0000000000400000-0x0000000000441000-memory.dmp

    Filesize

    260KB

    Download

  • memory/2032-68-0x0000000002FD0000-0x00000000031D4000-memory.dmp

    Filesize

    2.0MB

    Download