Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

ad8153d9b9...b6.exe

windows7-x64

8

ad8153d9b9...b6.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    261s
  • max time network
    341s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05/12/2022, 17:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ad8153d9b927805f51ef1a24d737eabf355a9e083866a41e005c2a78b0fe66b6.exe

  • Size

    257KB

  • MD5

    dfa7d6fd67e10e2314f3cf455559b4f6

  • SHA1

    7aaa290ff3a60116fe4bca3a105a5a714d610145

  • SHA256

    ad8153d9b927805f51ef1a24d737eabf355a9e083866a41e005c2a78b0fe66b6

  • SHA512

    b1745ac600fd9de4360b222fd61893685c3e1dce33bf2fd3b56fafbad0507d077a777c61a12903e2f0307e3ed238affaebde77c09d8e99bfe451947eb453c10b

  • SSDEEP

    6144:91OgDPdkBAFZWjadD4s9sfs1Ev7bqNhfaOEO/Hk09sbwa:91OgLdaxTbqNhfaOEO/E0OMa

Score
8/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • NSIS installer 4 IoCs
    installer
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ad8153d9b927805f51ef1a24d737eabf355a9e083866a41e005c2a78b0fe66b6.exe
    "C:\Users\Admin\AppData\Local\Temp\ad8153d9b927805f51ef1a24d737eabf355a9e083866a41e005c2a78b0fe66b6.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2112
    • C:\Users\Admin\AppData\Local\Temp\7zSCF8B.tmp\setup.exe
      .\setup.exe /s
      2⤵
      • Executes dropped EXE
      PID:3412

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\7zSCF8B.tmp\setup.exe
    Filesize

    65KB

    MD5

    4ccf1a317aa8539c857835e4ebe9c806

    SHA1

    223b73d09d7398f40aff3ccc569e66cae3886ee9

    SHA256

    4529889c5575cd4e28b3691f0489c806442840292a9e459ada4dab3e024cc242

    SHA512

    ecab68799b5a51c7d2a3735a9b3c17ba20a315618aa9575a5b02d5d4535716966031a26982012669f069dbfd8a6ab62f95737b7c402bf680f3a498900f627312

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\7zSCF8B.tmp\setup.exe
    Filesize

    65KB

    MD5

    4ccf1a317aa8539c857835e4ebe9c806

    SHA1

    223b73d09d7398f40aff3ccc569e66cae3886ee9

    SHA256

    4529889c5575cd4e28b3691f0489c806442840292a9e459ada4dab3e024cc242

    SHA512

    ecab68799b5a51c7d2a3735a9b3c17ba20a315618aa9575a5b02d5d4535716966031a26982012669f069dbfd8a6ab62f95737b7c402bf680f3a498900f627312

    Download Submit