Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

BuilderTri...21.exe

windows7-x64

7

BuilderTri...21.exe

windows10-2004-x64

7

Resubmissions

16/02/2023, 22:19

230216-18qm2aca41 7

16/02/2023, 21:01

230216-zt5b7sbf3y 7

Analysis

  • max time kernel
    1775s
  • max time network
    1587s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-es
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-eslocale:es-esos:windows10-2004-x64systemwindows
  • submitted
    16/02/2023, 22:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    BuilderTrialSetup_v421.exe

  • Size

    14.0MB

  • MD5

    b47f848f5cea33277904f09b0c19a801

  • SHA1

    417612ba19caa0a85082a4c3453bc20c81822d0e

  • SHA256

    e8e4eda49700f8b5dac70bcaab5ac159b4d2460adbbc1eac6494598b4cb4bc64

  • SHA512

    9da2ad81a3ccb17b6b075073aa2be05d568ea9df655a2e4512e8fb102d785b6c7caf5fa3a98448652ee4d7a15c50eddcdc3dd22ea07e01a6fa1314d81a92f8b7

  • SSDEEP

    196608:jrtMyZPifnNbT/3vl9gncxEBxtRNwXOvX72h0WzfDeoqvw1YF8jD+EshvGf12+:3iwPifFn8xtRGXOvX7y0a6oC8v8r+

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\BuilderTrialSetup_v421.exe
    "C:\Users\Admin\AppData\Local\Temp\BuilderTrialSetup_v421.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4888
    • C:\Users\Admin\AppData\Local\Temp\is-PS8Q7.tmp\BuilderTrialSetup_v421.tmp
      "C:\Users\Admin\AppData\Local\Temp\is-PS8Q7.tmp\BuilderTrialSetup_v421.tmp" /SL5="$8011A,14295506,228864,C:\Users\Admin\AppData\Local\Temp\BuilderTrialSetup_v421.exe"
      2⤵
      • Executes dropped EXE
      PID:1540

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\is-PS8Q7.tmp\BuilderTrialSetup_v421.tmp
    Filesize

    869KB

    MD5

    fb119f40853685d8c63258db515b5add

    SHA1

    182ea9074ca47070fd3f3db850038f1744df7797

    SHA256

    1654fd77b14dc5ace932add32ff59f0be3a0ac0cb2622c05ddd626812de48444

    SHA512

    5f89ac0193c908e790079e38f5ab36dc8299e03da699ff9f4bc914177642185f531de28a89c86d5b267f3f564ade334ee30ef868f50f81dda946009363b04c8d

    Download Submit

  • memory/4888-132-0x0000000000400000-0x000000000043F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/4888-136-0x0000000000400000-0x000000000043F000-memory.dmp

    Filesize

    252KB

    Download