Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

2727bd01da...7f.exe

windows7-x64

1

2727bd01da...7f.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    161s
  • max time network
    172s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    07/11/2022, 13:58 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2727bd01da0aff0009bc5e564ecf925a9d048c3a1a2cb60d329cca7c6ee24e7f.exe

  • Size

    123KB

  • MD5

    200e0535a8e75d1f4af402c0812a5981

  • SHA1

    9d4e26a11c648ed4b46c38c930a195857eb2e76f

  • SHA256

    2727bd01da0aff0009bc5e564ecf925a9d048c3a1a2cb60d329cca7c6ee24e7f

  • SHA512

    48c620f5025d6c778377c19dcdcd24bd5e7f735e443e105f202b53ad5275ec0b7f26b928f958fd8c6d02435c57ae7bed6f0ba7b83f92f8193652bf90f93138ab

  • SSDEEP

    3072:WgjX6QrMh/9dabMwB8f2CqKIgCcUmXLXOVmE4:Wo6sMBA+f2kIgfhXLeVmE

Score
1/10

Malware Config

Signatures

  • Suspicious use of UnmapMainImage 1 IoCs
  • Suspicious use of WriteProcessMemory 5 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2727bd01da0aff0009bc5e564ecf925a9d048c3a1a2cb60d329cca7c6ee24e7f.exe
    "C:\Users\Admin\AppData\Local\Temp\2727bd01da0aff0009bc5e564ecf925a9d048c3a1a2cb60d329cca7c6ee24e7f.exe"
    1⤵
    • Suspicious use of UnmapMainImage
    • Suspicious use of WriteProcessMemory
    PID:396
    • C:\Windows\SysWOW64\svchost.exe
      svchost.exe
      2⤵
        PID:4380

    Network

    • flag-us
      DNS
      15.89.54.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      15.89.54.20.in-addr.arpa
      IN PTR
      Response
    • 93.184.221.240:80
      322 B
       7
    • 93.184.221.240:80
      322 B
       7
    • 93.184.221.240:80
      322 B
       7
    • 93.184.221.240:80
      260 B
       5
    • 8.8.8.8:53
      15.89.54.20.in-addr.arpa
      dns
      70 B
       156 B
       1
      1

      DNS Request

      15.89.54.20.in-addr.arpa

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/396-132-0x0000000000400000-0x0000000000433000-memory.dmp

      Filesize

      204KB

      Download

    • memory/396-134-0x0000000000400000-0x0000000000414000-memory.dmp

      Filesize

      80KB

      Download

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.