Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

8

943c8f7629...dd.exe

windows7-x64

8

943c8f7629...dd.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    38s
  • max time network
    45s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    26/11/2022, 01:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    943c8f7629e7364fec465beaa2b87c0aba9416aac435fbe4b7cc5f70d970cddd.exe

  • Size

    5.9MB

  • MD5

    777af6a2297f8f23ac0fd5c1aa18d098

  • SHA1

    13c5741004319b48d628e961431c98d1bbb22a4f

  • SHA256

    943c8f7629e7364fec465beaa2b87c0aba9416aac435fbe4b7cc5f70d970cddd

  • SHA512

    94e6929be82926f0147432b8f829b5d32c34b6f7695e75c30a8c873bdf1aa93e586be8af3458381540c5236c4a9e2971c60565b206cdddae3a56a5b078a02f07

  • SSDEEP

    98304:2JkvUYB11j7hniWsOSn3q9tBhC4yUJloxChMIhtuM2/Jb:qeUwnj7hnvSna9tBhC4vlAChRhEM2/Jb

Score
8/10
upx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Loads dropped DLL 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\943c8f7629e7364fec465beaa2b87c0aba9416aac435fbe4b7cc5f70d970cddd.exe
    "C:\Users\Admin\AppData\Local\Temp\943c8f7629e7364fec465beaa2b87c0aba9416aac435fbe4b7cc5f70d970cddd.exe"
    1⤵
    • Loads dropped DLL
    PID:1140

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\nst2770.tmp\AdvSplash.dll
    Filesize

    6KB

    MD5

    afcb00971e23d86b3e29680c09b6ddae

    SHA1

    508327afb0f444c03c25bfb7ee59cb7189c07de2

    SHA256

    02f74f3280e48ae9e4c28fba40b84e418a56ee08d1406236964ab950ec197af3

    SHA512

    8631a8fbc3d43af45443356cac416f204ccface8591423ed0a8278a3097e01f014a42d23acc5e127156c4a29e0efba1e9afe58526ab47c05a90880ce0503dc89

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nst2770.tmp\InstallOptions.dll
    Filesize

    12KB

    MD5

    f407939127208a009b9a825cb77ed3c7

    SHA1

    051d7fccf3fb544acaa8ab6be590bb4bc79cef82

    SHA256

    191fab998e58b66a2416873b06062166b547eb3ba06b1326a4a785a566aaf76d

    SHA512

    d45d08823ac7667f071b21d238b7fda43115db3195a442cb17d880d147e8a930374403c970afc31f676f01a83fb9c63e3be047de7e16718a08a1fdbe4b690901

    Download Submit

  • \Users\Admin\AppData\Local\Temp\nst2770.tmp\LangDLL.dll
    Filesize

    5KB

    MD5

    c3cc2c281cb7c75ee8109bea13fc3880

    SHA1

    e7242cf294dd9f75ac3019c60885f2ee80d4263b

    SHA256

    0dd77f65cc2ce16ecb32ecbfe2da424dcf42909d3b8ccf8678ccfdc04f62f667

    SHA512

    0626fba394f39d7e485f3bfccfc0bfed0ce0b925d8d1b7189540aba5999b5ce75733a30b42179fc2a0f7c09db32a21d8e7cb27ce3d81f6e9a09e9df9d1f37aba

    Download Submit

  • memory/1140-54-0x0000000075F51000-0x0000000075F53000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1140-55-0x0000000000400000-0x00000000007C1000-memory.dmp

    Filesize

    3.8MB

    Download

  • memory/1140-57-0x0000000000F30000-0x00000000012F1000-memory.dmp

    Filesize

    3.8MB

    Download

  • memory/1140-58-0x0000000000F30000-0x00000000012F1000-memory.dmp

    Filesize

    3.8MB

    Download

  • memory/1140-59-0x0000000000F30000-0x00000000012F1000-memory.dmp

    Filesize

    3.8MB

    Download

  • memory/1140-61-0x0000000000400000-0x00000000007C1000-memory.dmp

    Filesize

    3.8MB

    Download

  • memory/1140-62-0x0000000000F30000-0x00000000012F1000-memory.dmp

    Filesize

    3.8MB

    Download