Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

'Xia...��.exe

windows7-x64

1

'Xia...��.exe

windows10-2004-x64

1

'Xia...ͳ.exe

windows7-x64

1

'Xia...ͳ.exe

windows10-2004-x64

1

'Xia...��.chm

windows7-x64

1

'Xia...��.chm

windows10-2004-x64

1

Analysis

  • max time kernel
    42s
  • max time network
    46s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    27/11/2022, 06:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    'Xiaotao/20141123/ȡVip_11.7.exe

  • Size

    5.3MB

  • MD5

    8d01f381bc713105c84657e659614810

  • SHA1

    b5186ac9611be2dfec4848060c8ab48bca5b3dd2

  • SHA256

    2cad219d11a006d33fa22257f5e09243199e46c161ae969e6dda37370f1c5cec

  • SHA512

    deb5ace2ea190cc49d4692a8b42561ef4cf1e0911959d7a6488d9ac0ad5e18adf8097823bb6a1ce772297e46f3e73d2f28cbf864523837ab5afa41001fb5afd0

  • SSDEEP

    98304:X+f0ZFMI+toG0AMzcDqTDnDcdAPHJ+YWrSFMKVqTCfx9+1qyL41DEl:X5cdavWr2VoCfx9+syLf

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 5 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\'Xiaotao\20141123\ȡVip_11.7.exe
    "C:\Users\Admin\AppData\Local\Temp\'Xiaotao\20141123\ȡVip_11.7.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:1976

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1976-54-0x00000000764D1000-0x00000000764D3000-memory.dmp

    Filesize

    8KB

    Download