Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

3

8eace77b93...2b.exe

windows7-x64

6

8eace77b93...2b.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    82s
  • max time network
    145s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12/06/2023, 23:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8eace77b937309f26fc54aa346e1fd64747ab0097b187e3910635e715590bf2b.exe

  • Size

    530KB

  • MD5

    bf2427ec858cf667477e6cd0cb11b85a

  • SHA1

    bfd671eff7e264680871b534b8500a9cf152dde1

  • SHA256

    8eace77b937309f26fc54aa346e1fd64747ab0097b187e3910635e715590bf2b

  • SHA512

    2e771df140f6b2c11c5c7d3a1b915d1f79a2a43ec2aaa2f28335b018011e1dc3c0638808edfb66bd2250926838420e9c3ef4afae4bfee9a99113823adc0d0266

  • SSDEEP

    12288:llCcKVDgFpbWesyHA8hDMnQWI4VengEY9SaFiolSsu4gNrT5uBmSWqF2Xzj9wcb2:llCcCgUesr8U6RwSaoolSsu4gNrT5uBv

Score
6/10
persistence

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8eace77b937309f26fc54aa346e1fd64747ab0097b187e3910635e715590bf2b.exe
    "C:\Users\Admin\AppData\Local\Temp\8eace77b937309f26fc54aa346e1fd64747ab0097b187e3910635e715590bf2b.exe"
    1⤵
    • Adds Run key to start application
    PID:2620
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 2620 -s 960
      2⤵
      • Program crash
      PID:4492
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 200 -p 2620 -ip 2620
    1⤵
      PID:2528

    Network

    MITRE ATT&CK Enterprise v6

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2620-133-0x0000000000D20000-0x0000000000DAA000-memory.dmp

      Filesize

      552KB

      Download