Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

9e566704cc...33.exe

windows7-x64

7

9e566704cc...33.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    68s
  • max time network
    74s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    24/11/2022, 12:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9e566704cc0072e3ebf6b496b40d80c3bf04aeeccd301feae75927b385e7fb33.exe

  • Size

    961KB

  • MD5

    b646f0e424b36cd7d383065a75a47473

  • SHA1

    99df3129dacd2aec0e6c88c6064365f52c084b25

  • SHA256

    9e566704cc0072e3ebf6b496b40d80c3bf04aeeccd301feae75927b385e7fb33

  • SHA512

    41a056ca39933bad52b94cbd9191c0c1ee46f50e57f5995876bcef374f50ffdde2e74c51bd41db6ceff006cbfb333ad506e7e553e6e86f576df68540686aaf8c

  • SSDEEP

    24576:ikQ1aOCco82PkHsddUplpYE+JglzGWqVgjsaxZiAvS5cSsS:r/co82CsrUplpYEZ1BjsEZyl

Score
7/10
spywarestealer

Malware Config

Signatures

  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer
  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\9e566704cc0072e3ebf6b496b40d80c3bf04aeeccd301feae75927b385e7fb33.exe
    "C:\Users\Admin\AppData\Local\Temp\9e566704cc0072e3ebf6b496b40d80c3bf04aeeccd301feae75927b385e7fb33.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:1968

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1968-54-0x0000000075811000-0x0000000075813000-memory.dmp

    Filesize

    8KB

    Download