Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

91b7df07f5...6a.exe

windows7-x64

8

91b7df07f5...6a.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    108s
  • max time network
    46s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    01/12/2022, 00:46 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    91b7df07f5dbf04cf0b9a263249ef70cc4e9e2ae194b5a3adcc62e8c487f5d6a.exe

  • Size

    96KB

  • MD5

    774e1e7ca57509d3dd62dee398482e1c

  • SHA1

    1138c5f397da6e2cf071d388e161dce5f58e202a

  • SHA256

    91b7df07f5dbf04cf0b9a263249ef70cc4e9e2ae194b5a3adcc62e8c487f5d6a

  • SHA512

    f8995008a2a47796915c0e4404ba7a06e922a6e6592094e5f4980e439d06bc66ef63087976834c5510c9334515c24bd154ee2b76be9aaf9bde18025b71a9047d

  • SSDEEP

    1536:jNFusSx9qYMhdFHS8qdydo3nTzhYxJA+CwNUtBZVY9v8prRopHus:jzS4jHS8q/3nTzePCwNUh4E9qOs

Score
8/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\91b7df07f5dbf04cf0b9a263249ef70cc4e9e2ae194b5a3adcc62e8c487f5d6a.exe
    "C:\Users\Admin\AppData\Local\Temp\91b7df07f5dbf04cf0b9a263249ef70cc4e9e2ae194b5a3adcc62e8c487f5d6a.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:948
    • \??\c:\users\admin\appdata\local\dcgvrvubvn
      "C:\Users\Admin\AppData\Local\Temp\91b7df07f5dbf04cf0b9a263249ef70cc4e9e2ae194b5a3adcc62e8c487f5d6a.exe" a -sc:\users\admin\appdata\local\temp\91b7df07f5dbf04cf0b9a263249ef70cc4e9e2ae194b5a3adcc62e8c487f5d6a.exe
      2⤵
      • Executes dropped EXE
      PID:820

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\dcgvrvubvn
    Filesize

    19.9MB

    MD5

    bd29423a1cc13289b6cbec911c8fff0c

    SHA1

    c20f23598c8c85d6a3dd9d015e3f7e9845ec5b7c

    SHA256

    71528cd41de0c7ed75d3a447a5f686688d6878a066861edec9925bb803644b04

    SHA512

    02daee33cf3c362aa6bf99ef6aaddd0ea60ca54c028dad9b15da679f540198553822efaccbf96250748fa141df3f5ffc032587fd1de5edab242d5ad95ee7b205

    Download Submit

  • \Users\Admin\AppData\Local\dcgvrvubvn
    Filesize

    19.9MB

    MD5

    bd29423a1cc13289b6cbec911c8fff0c

    SHA1

    c20f23598c8c85d6a3dd9d015e3f7e9845ec5b7c

    SHA256

    71528cd41de0c7ed75d3a447a5f686688d6878a066861edec9925bb803644b04

    SHA512

    02daee33cf3c362aa6bf99ef6aaddd0ea60ca54c028dad9b15da679f540198553822efaccbf96250748fa141df3f5ffc032587fd1de5edab242d5ad95ee7b205

    Download Submit

  • \Users\Admin\AppData\Local\dcgvrvubvn
    Filesize

    19.9MB

    MD5

    bd29423a1cc13289b6cbec911c8fff0c

    SHA1

    c20f23598c8c85d6a3dd9d015e3f7e9845ec5b7c

    SHA256

    71528cd41de0c7ed75d3a447a5f686688d6878a066861edec9925bb803644b04

    SHA512

    02daee33cf3c362aa6bf99ef6aaddd0ea60ca54c028dad9b15da679f540198553822efaccbf96250748fa141df3f5ffc032587fd1de5edab242d5ad95ee7b205

    Download Submit

  • memory/820-60-0x0000000000400000-0x000000000044E4A4-memory.dmp

    Filesize

    313KB

    Download

  • memory/820-61-0x0000000000400000-0x000000000044E4A4-memory.dmp

    Filesize

    313KB

    Download

  • memory/948-54-0x0000000000400000-0x000000000044E4A4-memory.dmp

    Filesize

    313KB

    Download

  • memory/948-55-0x0000000000400000-0x000000000044E4A4-memory.dmp

    Filesize

    313KB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.