Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

2f9020d39a...02.exe

windows7-x64

9

2f9020d39a...02.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    165s
  • max time network
    174s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    03/12/2022, 18:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2f9020d39a0e61652c02ac3d7e32dd1e7b09292cddfacae3c5e35483abde3502.exe

  • Size

    1.8MB

  • MD5

    f1cc6b0ee05b91d5c7d32cf5768b3d18

  • SHA1

    f40223bf9d503b12c2db4babc221b809586e91bb

  • SHA256

    2f9020d39a0e61652c02ac3d7e32dd1e7b09292cddfacae3c5e35483abde3502

  • SHA512

    a17fe5430685bfd16c5cce6c5900aa51ded830b7549a8dcb6c80d49b2ebbc72ce326039359128c3c4b14704416861a9fff730bf8d02190339f58107b68da8343

  • SSDEEP

    24576:RLgRXlSO02YiPkefZuMmJHaKoQPaO0rBAPQTgqjKpu0+ePuSYU14QmX3r2vnO:2RX0fkf87oQPaNtLTgqGE0+erYppH

Score
9/10

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • Loads dropped DLL 1 IoCs
  • Drops file in System32 directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2f9020d39a0e61652c02ac3d7e32dd1e7b09292cddfacae3c5e35483abde3502.exe
    "C:\Users\Admin\AppData\Local\Temp\2f9020d39a0e61652c02ac3d7e32dd1e7b09292cddfacae3c5e35483abde3502.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in System32 directory
    • Suspicious use of SetWindowsHookEx
    PID:4960

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Windows\SysWOW64\V22006630.EPE
    Filesize

    430KB

    MD5

    b36c5210667e869689b7c915d617c860

    SHA1

    cbde3a45d581240f96a54bac15aa461be2afa592

    SHA256

    8d8298e747d790ab694e61536eb154640b678df6974c6aa3a8e0b2e9896947b9

    SHA512

    e144b030e0124d11191e371135880bc73bb8942d74e7053e97d2070fa4e03d57fea6b9d25d3e9866bbba22935cc218169bac7de0f68fe630bef20943e35fe9f7

    Download Submit

  • memory/4960-133-0x0000000000400000-0x0000000000902000-memory.dmp

    Filesize

    5.0MB

    Download

  • memory/4960-134-0x0000000071120000-0x000000007123C000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/4960-135-0x0000000071120000-0x000000007123C000-memory.dmp

    Filesize

    1.1MB

    Download