Analysis

  • max time kernel
    196s
  • max time network
    210s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20221111-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    28/11/2022, 04:01 UTC

General

  • Target

    1b72a285cab6c42a969cb3f14e64c31eb38800d3c354589b1a9d5f0e042549c9.exe

  • Size

    179KB

  • MD5

    1ee116e38cc5709401e181495991811d

  • SHA1

    6b4fae97c212a4cdab1be2f480797b53784d0210

  • SHA256

    1b72a285cab6c42a969cb3f14e64c31eb38800d3c354589b1a9d5f0e042549c9

  • SHA512

    cd37518399cf9299a77f64907b4e843744e65ea1cec3b293835d35e1e59278fbc93e17bce82d984de32110172459a8d3441895a6e80976aaa0ecfaa498db1386

  • SSDEEP

    3072:6JIRH8MiBKlghdTeDco1Hxbu30/BLEypsLS88:MsH8MgrTeVN/tEyps

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1b72a285cab6c42a969cb3f14e64c31eb38800d3c354589b1a9d5f0e042549c9.exe
    "C:\Users\Admin\AppData\Local\Temp\1b72a285cab6c42a969cb3f14e64c31eb38800d3c354589b1a9d5f0e042549c9.exe"
    1⤵
      PID:1632
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 1632 -s 440
        2⤵
        • Program crash
        PID:2636
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 416 -p 1632 -ip 1632
      1⤵
        PID:1820

      Network

      • flag-unknown
        DNS
        164.2.77.40.in-addr.arpa
        Remote address:
        8.8.8.8:53
        Request
        164.2.77.40.in-addr.arpa
        IN PTR
        Response
      • flag-unknown
        DNS
        7.6.0.0.0.0.0.0.0.0.0.0.0.0.0.0.3.0.0.0.2.0.0.0.0.2.0.1.3.0.6.2.ip6.arpa
        Remote address:
        8.8.8.8:53
        Request
        7.6.0.0.0.0.0.0.0.0.0.0.0.0.0.0.3.0.0.0.2.0.0.0.0.2.0.1.3.0.6.2.ip6.arpa
        IN PTR
        Response
      • 8.8.8.8:53
        164.2.77.40.in-addr.arpa
        dns
        70 B
        144 B
        1
        1

        DNS Request

        164.2.77.40.in-addr.arpa

      • 8.8.8.8:53
        7.6.0.0.0.0.0.0.0.0.0.0.0.0.0.0.3.0.0.0.2.0.0.0.0.2.0.1.3.0.6.2.ip6.arpa
        dns
        118 B
        204 B
        1
        1

        DNS Request

        7.6.0.0.0.0.0.0.0.0.0.0.0.0.0.0.3.0.0.0.2.0.0.0.0.2.0.1.3.0.6.2.ip6.arpa
