Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

f29ba8fc76...8b.exe

windows7-x64

7

f29ba8fc76...8b.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    42s
  • max time network
    45s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    29/11/2022, 15:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f29ba8fc76ffcb44f92fa9c73275937aad4c51717db27a1700e09ecf20b4898b.exe

  • Size

    536KB

  • MD5

    c951ce4ba0f17a748b17805b51d7b5d2

  • SHA1

    8a5ed65e7a94206b8e0c7d1b781ff02a784cbad5

  • SHA256

    f29ba8fc76ffcb44f92fa9c73275937aad4c51717db27a1700e09ecf20b4898b

  • SHA512

    d2a1905ab0debc361a9b48645645b33ea3553525e8691e72002ecc01ea491df22e9bb5159ebc412a4a83a56401aa7a0cbdbc8da99fdd6a913b670d00542dd043

  • SSDEEP

    12288:eVuzmFqdGPNR3XV6BdTIsF8KJHYW9FyK/eXZDxMlTrAWM:eVu+7nV2IQYQyK2XL43M

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • Suspicious use of SetWindowsHookEx 31 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f29ba8fc76ffcb44f92fa9c73275937aad4c51717db27a1700e09ecf20b4898b.exe
    "C:\Users\Admin\AppData\Local\Temp\f29ba8fc76ffcb44f92fa9c73275937aad4c51717db27a1700e09ecf20b4898b.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:1944

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\E_60003\krnln.fnr
    Filesize

    996KB

    MD5

    ddaf7a94619cbeaac4e0c04dbf9bce99

    SHA1

    ff142c73c0237ce29ff594cb6c287e5d210370b5

    SHA256

    fb6522d23bdb2eb2a48b5ee6d3cdfba2d1dda848922ad99dc939d718a3ab383c

    SHA512

    730268e14454f0a778db85056ae383416ea337b962aac812c6761dbe3ca0e20176c2fc1c02585bd3843cff3779b8160a92e66c773b6febd6f5165c400f89cbce

    Download Submit

  • \Users\Admin\AppData\Local\Temp\E_60003\xplib.fne
    Filesize

    40KB

    MD5

    1f9c82ece3c8f3bb23fe73538ffc57ef

    SHA1

    8b709ed09aeb296f1aa21d8a58c5086301e5853e

    SHA256

    02e71c2980dff2c5e6f737cca330d5abaf564f4a4f20ae48c03230eeb6ca8ec2

    SHA512

    9d682940ecc60aaacaac93d2f0333dc15c718014c2797821a6a6ce3090554fc6cb63aa56698c03f0850a71f139c68a3e42929bc5048a432ff5c11d24bd1f902d

    Download Submit

  • memory/1944-55-0x0000000075CF1000-0x0000000075CF3000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1944-57-0x00000000001C0000-0x00000000001CB000-memory.dmp

    Filesize

    44KB

    Download

  • memory/1944-58-0x0000000000400000-0x000000000040E000-memory.dmp

    Filesize

    56KB

    Download