Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

setup.exe

windows10-1703-x64

7

setup.exe

windows7-x64

7

setup.exe

windows10-2004-x64

7

Resubmissions

29/12/2022, 21:44

221229-1lhnxaec32 7

29/12/2022, 21:39

221229-1hrgmshe3z 7

Analysis

  • max time kernel
    30s
  • max time network
    33s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    29/12/2022, 21:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    setup.exe

  • Size

    11.1MB

  • MD5

    57b7e94de6ac64dfd63c7dce836fe73d

  • SHA1

    06f62b7ac78e858123932aee6fe9986a4a5a6e8f

  • SHA256

    f5c0ba21aedc485e001cc25b51e5b8ea5e682d4bb6bfd722e12b1d774832867f

  • SHA512

    598646fadbbf037e226233439c4ed9a495a57a8078522a08df5e0694907ffaa3a94649a863afde374c42b83f18408aeee1fe33e005d2e8a5970034e71e984063

  • SSDEEP

    196608:OdLaAX2gyJBd1obcnn1HXpeL2Vmd6+DWMTNfwZHYYAovCw/jLgMJIytDV93DBvng:6xdyJhoon13peL2Vmd6mWMBktCwoMJ/d

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\setup.exe
    "C:\Users\Admin\AppData\Local\Temp\setup.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1380
    • C:\Users\Admin\AppData\Local\Temp\setup.exe
      "C:\Users\Admin\AppData\Local\Temp\setup.exe"
      2⤵
      • Loads dropped DLL
      PID:1716

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI13802\python310.dll
    Filesize

    4.2MB

    MD5

    e9c0fbc99d19eeedad137557f4a0ab21

    SHA1

    8945e1811ceb4b26f21edcc7a36dcf2b1d34f0bf

    SHA256

    5783c5c5a3ffce181691f19d27de376a03010d32e41360b72bcdbd28467cfcc5

    SHA512

    74e1289683642ae2bc3cf780a07af1f27fed2011ef6cc67380f9c066c59d17a2fb2394a45a5c6cd75dad812a61093fdbd0f2108925f5c58fc6644c1c98be5c0b

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI13802\python310.dll
    Filesize

    4.2MB

    MD5

    e9c0fbc99d19eeedad137557f4a0ab21

    SHA1

    8945e1811ceb4b26f21edcc7a36dcf2b1d34f0bf

    SHA256

    5783c5c5a3ffce181691f19d27de376a03010d32e41360b72bcdbd28467cfcc5

    SHA512

    74e1289683642ae2bc3cf780a07af1f27fed2011ef6cc67380f9c066c59d17a2fb2394a45a5c6cd75dad812a61093fdbd0f2108925f5c58fc6644c1c98be5c0b

    Download Submit

  • memory/1380-54-0x000007FEFB5E1000-0x000007FEFB5E3000-memory.dmp

    Filesize

    8KB

    Download