Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

d7d6471a23...97.exe

windows7-x64

8

d7d6471a23...97.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    91s
  • max time network
    156s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06/12/2022, 07:48 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d7d6471a239acaf380d19f408e687598f63c3099a143a99d18215f043aa73997.exe

  • Size

    133KB

  • MD5

    16cb8acaa6258e7b8df4cf4261ee5a53

  • SHA1

    a358f304de1e50f5ee0d3aa88df2c43ad6be12a1

  • SHA256

    d7d6471a239acaf380d19f408e687598f63c3099a143a99d18215f043aa73997

  • SHA512

    bc07e10f407c2832be406a3d2b44de9e11722550fb8e95f8ca668f4825a2a8e13c5d75667b288a80df7a60e6101d0b71211ce13769d076370ef17ee250216e6a

  • SSDEEP

    3072:9V3poqzSnN2Q9Lb1CoifphYSoA0Gbhbhi0xqiXWe/j:JzK2Q9LqDY5A0GbviAqa

Score
8/10
upx

Malware Config

Signatures

  • UPX packed file 4 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\d7d6471a239acaf380d19f408e687598f63c3099a143a99d18215f043aa73997.exe
    "C:\Users\Admin\AppData\Local\Temp\d7d6471a239acaf380d19f408e687598f63c3099a143a99d18215f043aa73997.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4864
    • C:\Users\Admin\AppData\Local\Temp\d7d6471a239acaf380d19f408e687598f63c3099a143a99d18215f043aa73997.exe
      ?
      2⤵
        PID:4796

    Network

    • flag-unknown
      DNS
      mysumsung.ru
      d7d6471a239acaf380d19f408e687598f63c3099a143a99d18215f043aa73997.exe
      Remote address:
      8.8.8.8:53
      Request
      mysumsung.ru
      IN A
      Response
    • 52.109.8.45:443
      40 B
       1
    • 20.189.173.12:443
      322 B
       7
    • 8.238.21.254:80
      322 B
       7
    • 8.238.21.254:80
      322 B
       7
    • 8.238.21.254:80
      322 B
       7
    • 8.8.8.8:53
      mysumsung.ru
      dns
      d7d6471a239acaf380d19f408e687598f63c3099a143a99d18215f043aa73997.exe
      58 B
       119 B
       1
      1

      DNS Request

      mysumsung.ru

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4796-134-0x0000000010000000-0x000000001000F000-memory.dmp

      Filesize

      60KB

      Download

    • memory/4796-137-0x0000000010000000-0x000000001000F000-memory.dmp

      Filesize

      60KB

      Download

    • memory/4796-138-0x0000000010000000-0x000000001000F000-memory.dmp

      Filesize

      60KB

      Download

    • memory/4796-139-0x0000000000400000-0x0000000000427000-memory.dmp

      Filesize

      156KB

      Download

    • memory/4796-140-0x0000000010000000-0x000000001000F000-memory.dmp

      Filesize

      60KB

      Download

    • memory/4864-133-0x0000000000400000-0x0000000000427000-memory.dmp

      Filesize

      156KB

      Download

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.