Analysis

  • max time kernel
    57s
  • max time network
    54s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64, arch:x86, image:win7-20221111-en, locale:en-us, os:windows7-x64, system
  • submitted
    25/11/2022, 13:44

General

  • Target

    ccdb77883366cb4c3b7712ef267ffea20683b975f01f6e8af733dd65963a7c46.exe

  • Size

    935KB

  • MD5

    67d981252d016574780d8c1cc4526882

  • SHA1

    3b8ef05aff3dc8b7cc9b3626cf22666e3eb9c585

  • SHA256

    ccdb77883366cb4c3b7712ef267ffea20683b975f01f6e8af733dd65963a7c46

  • SHA512

    27fefe03d52a0551d059e2136c66489d4e8ae90bd3be592f2c445cf250d026342c74c358cf6695fd8df81f1f5507fb3ddbfd70c9abb5acabe32ec12be89bcc04

  • SSDEEP

    24576:bID6QudHAV1pJCDYFgYfgNvWexE9MoAhMjcSlZscrW:s5udHABJeY6YfgNvPEaTMAca

Score
7/10

Malware Config

Signatures

  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ccdb77883366cb4c3b7712ef267ffea20683b975f01f6e8af733dd65963a7c46.exe
    "C:\Users\Admin\AppData\Local\Temp\ccdb77883366cb4c3b7712ef267ffea20683b975f01f6e8af733dd65963a7c46.exe"
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:1976

Network

MITRE ATT&CK Enterprise v6

Downloads

  • memory/1976-54-0x0000000075761000-0x0000000075763000-memory.dmp

    Filesize

    8KB