Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2754d7ba0d...e0.exe

windows7-x64

7

2754d7ba0d...e0.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    151s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    18/05/2023, 13:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2754d7ba0dc89162aad3bd19b494b29fa69cca370caf5943cd5dbfbad8ebdfe0.exe

  • Size

    7.0MB

  • MD5

    8ca300eb351d4ec09c361cc489c2e6b4

  • SHA1

    d9dbc4660a5f465f4db1decd8022315c618c20c3

  • SHA256

    2754d7ba0dc89162aad3bd19b494b29fa69cca370caf5943cd5dbfbad8ebdfe0

  • SHA512

    eae05e950f47703ce0d6b58b8660c958d3271b8997ffbe8eb55b1d0cb71b51e125ebba7ad07cb47868941532250b29da9074258b49e91cc369640339621ff7a0

  • SSDEEP

    98304:eB1j5NSDeNWvTI6ClMLy53eqFUq28IVvL+S29BZ7292:45NSiNWb27vN28IVvL+LrH

Score
7/10
persistence

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Adds Run key to start application 2 TTPs 2 IoCs
    persistence
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2754d7ba0dc89162aad3bd19b494b29fa69cca370caf5943cd5dbfbad8ebdfe0.exe
    "C:\Users\Admin\AppData\Local\Temp\2754d7ba0dc89162aad3bd19b494b29fa69cca370caf5943cd5dbfbad8ebdfe0.exe"
    1⤵
    • Adds Run key to start application
    • Suspicious use of WriteProcessMemory
    PID:4292
    • C:\ProgramData\DocumentsAdobe-ver7.7.0.3\DocumentsAdobe-ver7.7.0.3.exe
      C:\ProgramData\DocumentsAdobe-ver7.7.0.3\DocumentsAdobe-ver7.7.0.3.exe
      2⤵
      • Executes dropped EXE
      PID:3840

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\ProgramData\DocumentsAdobe-ver7.7.0.3\DocumentsAdobe-ver7.7.0.3.exe
    Filesize

    3.0MB

    MD5

    b078653fa5c85d4e9206d3fe8bd55ea9

    SHA1

    c7e4d4f02482504ce1b30c5a71ffa5cf1b49f62b

    SHA256

    4febd79f056db519ff11ad2dd293987848cecdd5674c84439af5e02b42ceee02

    SHA512

    811c76b9964526f946f8c5ee3d48602777c91b9efa8bc8a7b2925cd5c42c1c0dabdad97f9e89c9a33738648fa10192779d79d07b45634d6056fc1f6fe03c9c69

    Download Submit

  • C:\ProgramData\DocumentsAdobe-ver7.7.0.3\DocumentsAdobe-ver7.7.0.3.exe
    Filesize

    3.2MB

    MD5

    7c11a83bbcc6c60cadbf5217bb1bde29

    SHA1

    3b2334f1560a5be43b3c5545e45eddd14250cc42

    SHA256

    659327f6362488532ffad07aaa7f1943fa5ec6c23c59ff970b2bbe0a03728b0e

    SHA512

    7c6785522aefec9231a527b254d51ec81df68e1fef8eaf0c66165b789a2f9ac22ae80592023235a382aae60aa9a68f078df9365573356db6a40588cab6ce52fd

    Download Submit

  • memory/3840-141-0x0000000140000000-0x0000000140708000-memory.dmp

    Filesize

    7.0MB

    Download

  • memory/4292-133-0x0000000140000000-0x0000000140708000-memory.dmp

    Filesize

    7.0MB

    Download