Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

6c79409cb6...c9.exe

windows7-x64

9

6c79409cb6...c9.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    92s
  • max time network
    156s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06/11/2022, 20:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6c79409cb689b7b7bc5fa46de1c53bf5a379ea0993d66e6c6bb4e92b27d92bc9.exe

  • Size

    218KB

  • MD5

    0c42edd69bce48430c227a4c5b2aeab0

  • SHA1

    3423ae404ae6aff6d585a1755639b7e1ee53b929

  • SHA256

    6c79409cb689b7b7bc5fa46de1c53bf5a379ea0993d66e6c6bb4e92b27d92bc9

  • SHA512

    2dd488387a3fe514ca3a9001efcf021127d17bb11036e8d846a127795738f1b96fb620ce4a394d812976f27c3bdacebe3118cf0f050baec0f9ddebff5675e92a

  • SSDEEP

    6144:XGOtf45pwEkRQW8jlzKr+YrBn8A/O56qTf:XpRMQQKr+Yr6AT+

Score
9/10

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 2 IoCs

    Detects file using ACProtect software.

  • Loads dropped DLL 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\6c79409cb689b7b7bc5fa46de1c53bf5a379ea0993d66e6c6bb4e92b27d92bc9.exe
    "C:\Users\Admin\AppData\Local\Temp\6c79409cb689b7b7bc5fa46de1c53bf5a379ea0993d66e6c6bb4e92b27d92bc9.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:2016

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\zxiE8FD.tmp
    Filesize

    172KB

    MD5

    6ca4987240604f42c71f2f8bc2dd3bf2

    SHA1

    a7cd7071ef802057940408333a21696e695341a7

    SHA256

    8ac9c2234f3cfc5f850317343a5ef89856d116356cc059d0ebcde34cf2ded0a7

    SHA512

    0a99c124d9448f1453e46c5a255ecd3166aa28790e834b5244aa5079633affa61e3c7539ec5011c404aaf84c41fad383e476acc0e1b71ca4d4593e510ad61d71

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\zxiE8FD.tmp
    Filesize

    172KB

    MD5

    6ca4987240604f42c71f2f8bc2dd3bf2

    SHA1

    a7cd7071ef802057940408333a21696e695341a7

    SHA256

    8ac9c2234f3cfc5f850317343a5ef89856d116356cc059d0ebcde34cf2ded0a7

    SHA512

    0a99c124d9448f1453e46c5a255ecd3166aa28790e834b5244aa5079633affa61e3c7539ec5011c404aaf84c41fad383e476acc0e1b71ca4d4593e510ad61d71

    Download Submit

  • memory/2016-132-0x0000000000400000-0x0000000000410000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2016-135-0x0000000002140000-0x00000000021B3000-memory.dmp

    Filesize

    460KB

    Download

  • memory/2016-136-0x0000000000400000-0x0000000000410000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2016-137-0x0000000002140000-0x00000000021B3000-memory.dmp

    Filesize

    460KB

    Download