Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

b8e2dbd99c...a3.exe

windows7-x64

1

b8e2dbd99c...a3.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    151s
  • max time network
    173s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    03/12/2022, 17:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b8e2dbd99c431b10ed70ad10f2738d9ae0ae32dfc419d75e7e2a60c6f4460fa3.exe

  • Size

    168KB

  • MD5

    67fddea6b7b86cac62a7e6d7f5a55b67

  • SHA1

    cf304677b229f9b3e325589d1055ed39263bdac5

  • SHA256

    b8e2dbd99c431b10ed70ad10f2738d9ae0ae32dfc419d75e7e2a60c6f4460fa3

  • SHA512

    083db64e3f134ed4345b51022c18ec7f34326b596fa5326d63bb4d6636bbb20f133c7cdf425e12db5a495f954371c418a795a107e2ea45ed5980ad1391989487

  • SSDEEP

    3072:xy1Gzad4T9y3Wey+Ae8cT/38O6/smQLhZSRSRZDeejBmY9gB5HraZbWJGremk:xJzcm9hnncd6VQLLSkRdeejBnIkZbuGS

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 4 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Windows\Explorer.EXE
    C:\Windows\Explorer.EXE
    1⤵
      PID:2424
      • C:\Users\Admin\AppData\Local\Temp\b8e2dbd99c431b10ed70ad10f2738d9ae0ae32dfc419d75e7e2a60c6f4460fa3.exe
        "C:\Users\Admin\AppData\Local\Temp\b8e2dbd99c431b10ed70ad10f2738d9ae0ae32dfc419d75e7e2a60c6f4460fa3.exe"
        2⤵
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious use of WriteProcessMemory
        PID:2176

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2176-132-0x0000000000400000-0x000000000042A000-memory.dmp

      Filesize

      168KB

      Download

    • memory/2176-133-0x0000000000400000-0x000000000042A000-memory.dmp

      Filesize

      168KB

      Download

    • memory/2176-135-0x0000000000580000-0x0000000000584000-memory.dmp

      Filesize

      16KB

      Download

    • memory/2176-136-0x0000000002060000-0x0000000002099000-memory.dmp

      Filesize

      228KB

      Download

    • memory/2176-134-0x0000000000400000-0x000000000042A000-memory.dmp

      Filesize

      168KB

      Download

    • memory/2176-138-0x0000000000400000-0x000000000042A000-memory.dmp

      Filesize

      168KB

      Download

    • memory/2176-139-0x0000000002060000-0x0000000002099000-memory.dmp

      Filesize

      228KB

      Download

    • memory/2176-140-0x0000000010000000-0x0000000010013000-memory.dmp

      Filesize

      76KB

      Download

    • memory/2424-137-0x000000007FFF0000-0x000000007FFF7000-memory.dmp

      Filesize

      28KB

      Download