Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

c7c36851a3...68.exe

windows7-x64

6

c7c36851a3...68.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    28s
  • max time network
    49s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2022, 15:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c7c36851a36b6e63f78d53a879b4558e600b18fffc30663b797098a5513c1068.exe

  • Size

    1.1MB

  • MD5

    0d0f7df2c659d3f14abac52172635edf

  • SHA1

    c4c95b43b5f6d9d692037183c38ac12c562a2fc0

  • SHA256

    c7c36851a36b6e63f78d53a879b4558e600b18fffc30663b797098a5513c1068

  • SHA512

    cf8a1bf0dfdbbc7dec99fbcc6036b2c95ba2c7cc1a87b9e7d4d4b439760a97a5c79b99d9d2be1c722e8b15f4eff0cc629104b83f8209a60bf09d65e5e5554b4a

  • SSDEEP

    24576:qZ/sXPww7XsHWtu0AaZ8531jIL+AeH4ZM1rePPZEY95y5OzcL7Ps5i:qZ/sYecHQu0rZK8L+AeYZ4Y9McYL7

Score
6/10

Malware Config

Signatures

  • Enumerates connected drives 3 TTPs 24 IoCs

    Attempts to read the root path of hard drives other than the default C: drive.

  • Suspicious use of SetThreadContext 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 9 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c7c36851a36b6e63f78d53a879b4558e600b18fffc30663b797098a5513c1068.exe
    "C:\Users\Admin\AppData\Local\Temp\c7c36851a36b6e63f78d53a879b4558e600b18fffc30663b797098a5513c1068.exe"
    1⤵
    • Enumerates connected drives
    • Suspicious use of SetThreadContext
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1992
    • C:\Users\Admin\AppData\Local\Temp\c7c36851a36b6e63f78d53a879b4558e600b18fffc30663b797098a5513c1068.exe
      "C:\Users\Admin\AppData\Local\Temp\c7c36851a36b6e63f78d53a879b4558e600b18fffc30663b797098a5513c1068.exe"
      2⤵
        PID:1492

    Network

    MITRE ATT&CK Enterprise v6

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1492-56-0x0000000000400000-0x0000000000419000-memory.dmp

      Filesize

      100KB

      Download

    • memory/1492-57-0x0000000000400000-0x0000000000419000-memory.dmp

      Filesize

      100KB

      Download

    • memory/1492-59-0x0000000000400000-0x0000000000419000-memory.dmp

      Filesize

      100KB

      Download

    • memory/1492-61-0x0000000000400000-0x0000000000419000-memory.dmp

      Filesize

      100KB

      Download

    • memory/1492-62-0x0000000000400000-0x0000000000419000-memory.dmp

      Filesize

      100KB

      Download