Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

df70e25e29...10.exe

windows7-x64

8

df70e25e29...10.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    150s
  • max time network
    152s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    24/11/2022, 03:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    df70e25e295349a196258f2e87e1f224b83f3a8685e94a7b10d4951cfcfe9410.exe

  • Size

    816KB

  • MD5

    2d0bda4b84b37fafcfe5fe4b7d20d1b9

  • SHA1

    24667dbbed2bcf5105afabf73818011c22eef986

  • SHA256

    df70e25e295349a196258f2e87e1f224b83f3a8685e94a7b10d4951cfcfe9410

  • SHA512

    0160077b81d77333c022c174dfb523dcae62d3a731a320c3c96593c3d82954ec196bf30b30b5d69439d823bb42d33584e07ea8191f0ab1913c4e8af722ae678e

  • SSDEEP

    24576:36zhPQHIuKVswFMzzt3BrGel17dC6ZJDuytg:6IouKawFMvt3tFl1pEytg

Score
8/10
discoverypersistencespywarestealerupx

Malware Config

Signatures

  • UPX packed file 5 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer
  • Adds Run key to start application 2 TTPs 2 IoCs
    persistence
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\df70e25e295349a196258f2e87e1f224b83f3a8685e94a7b10d4951cfcfe9410.exe
    "C:\Users\Admin\AppData\Local\Temp\df70e25e295349a196258f2e87e1f224b83f3a8685e94a7b10d4951cfcfe9410.exe"
    1⤵
    • Adds Run key to start application
    PID:768

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/768-54-0x0000000076871000-0x0000000076873000-memory.dmp

    Filesize

    8KB

    Download

  • memory/768-55-0x0000000000400000-0x000000000063E000-memory.dmp

    Filesize

    2.2MB

    Download

  • memory/768-57-0x0000000000400000-0x000000000063E000-memory.dmp

    Filesize

    2.2MB

    Download

  • memory/768-58-0x0000000000400000-0x000000000063E000-memory.dmp

    Filesize

    2.2MB

    Download

  • memory/768-59-0x0000000000400000-0x000000000063E000-memory.dmp

    Filesize

    2.2MB

    Download

  • memory/768-60-0x0000000000400000-0x000000000063E000-memory.dmp

    Filesize

    2.2MB

    Download