Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

8b174bbb78...81.exe

windows7-x64

7

8b174bbb78...81.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    46s
  • max time network
    50s
  • platform
    windows7_x64
  • resource
    win7-20220901-en
  • resource tags

    arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
  • submitted
    02/12/2022, 18:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8b174bbb78e6449d1deaa88dcb4d24cfb7091ce61e6b39106d396cf954b0e181.exe

  • Size

    32KB

  • MD5

    767e8c891e85227ec6c93610ebcf6147

  • SHA1

    5c379ad1ddee782b1f135f559a90a5b8202e8f45

  • SHA256

    8b174bbb78e6449d1deaa88dcb4d24cfb7091ce61e6b39106d396cf954b0e181

  • SHA512

    980d97baac54d0de66f96f042eb7140d9cd2af38be5ccd33d4f4111fb72a584a23eb8261a932a4790e7f802ca6d9069a2d2e29bf02e4d79af218d9c98d25daf0

  • SSDEEP

    768:QkcdrDnRXYSOJyn3k2bcGAnace6XYmcZIM:JcdPp0naxmcZ

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Drops file in System32 directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8b174bbb78e6449d1deaa88dcb4d24cfb7091ce61e6b39106d396cf954b0e181.exe
    "C:\Users\Admin\AppData\Local\Temp\8b174bbb78e6449d1deaa88dcb4d24cfb7091ce61e6b39106d396cf954b0e181.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in System32 directory
    • Suspicious use of SetWindowsHookEx
    PID:608

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Windows\SysWOW64\UKHook.dll
    Filesize

    24KB

    MD5

    81a209ec6fb2b3eb94d6c3ed3224c99d

    SHA1

    929b06984471055ba630672fce9734549a910621

    SHA256

    9275426bf663912368b6b658aa2f0c6ae3d7357fa5d97c9e42cc97493492391e

    SHA512

    f13a0894cefd5db23db84d816007e0dcce6a3624f04a38ac9dd15ff7d643f07539fbf59e4ca8800c8a193818b6d8ca8e0c84e765edfee67de71ee7f485673b6f

    Download Submit

  • memory/608-54-0x0000000075AC1000-0x0000000075AC3000-memory.dmp

    Filesize

    8KB

    Download

  • memory/608-56-0x0000000000400000-0x0000000000417000-memory.dmp

    Filesize

    92KB

    Download