Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

Built (1).exe

windows7-x64

7

Built (1).exe

windows10-2004-x64

7

Analysis

  • max time kernel
    27s
  • max time network
    31s
  • platform
    windows7_x64
  • resource
    win7-20230703-en
  • resource tags

    arch:x64arch:x86image:win7-20230703-enlocale:en-usos:windows7-x64system
  • submitted
    04/07/2023, 02:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Built (1).exe

  • Size

    8.4MB

  • MD5

    c2e6383d0a02c82f7f4aa56a6b4e3c1a

  • SHA1

    65076d67c939bcf1104fe43c5b1ff1852251ea1e

  • SHA256

    dde20cb2c472fc375408b09de62fc3c681e6ce271cb8c7e06802d2b525b192b7

  • SHA512

    2ba1458b8b08165182b203134e3dd17d74b3249c86e747e84d7bc4a8ca1e32dcdfcfcd86aeb78fef8a22221d64fc511c889e34f189db3b8720ca15f4b0f10980

  • SSDEEP

    196608:LLafMj7e16B6yPnlPzf+JiT4n3XWKCQMvkP17CM0PE58nWgF:/afcBRPnlPSF3VC7vKb028nWgF

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Built (1).exe
    "C:\Users\Admin\AppData\Local\Temp\Built (1).exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2332
    • C:\Users\Admin\AppData\Local\Temp\Built (1).exe
      "C:\Users\Admin\AppData\Local\Temp\Built (1).exe"
      2⤵
      • Loads dropped DLL
      PID:916

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI23322\python311.dll
    Filesize

    1.6MB

    MD5

    53b1a9474ddc3a31adf72011dc8da780

    SHA1

    36f476d318acca6a12d3625b02cb14ab19534db7

    SHA256

    357e545f47b605682328566a8df692dc22e4ea2ab37686788c3416b3813addc7

    SHA512

    290c070eaf324476bfda676fc547ee42479a239b11192b654604862d53de1f1752a2f1b212dc15b3a22787a6469d6ec22ced98b7bb7d5f7c618602bbd12b7881

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI23322\python311.dll
    Filesize

    1.6MB

    MD5

    53b1a9474ddc3a31adf72011dc8da780

    SHA1

    36f476d318acca6a12d3625b02cb14ab19534db7

    SHA256

    357e545f47b605682328566a8df692dc22e4ea2ab37686788c3416b3813addc7

    SHA512

    290c070eaf324476bfda676fc547ee42479a239b11192b654604862d53de1f1752a2f1b212dc15b3a22787a6469d6ec22ced98b7bb7d5f7c618602bbd12b7881

    Download Submit

  • memory/916-82-0x000007FEF67C0000-0x000007FEF6DAA000-memory.dmp

    Filesize

    5.9MB

    Download