Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

1ce55bc502...ex.exe

windows7-x64

7

1ce55bc502...ex.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    31s
  • max time network
    35s
  • platform
    windows7_x64
  • resource
    win7-20230703-en
  • resource tags

    arch:x64arch:x86image:win7-20230703-enlocale:en-usos:windows7-x64system
  • submitted
    05/07/2023, 18:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1ce55bc50251f1exeexeexeex.exe

  • Size

    428KB

  • MD5

    1ce55bc50251f145d64f8748c9154035

  • SHA1

    3a93bfc5b857023084b71969395e1529f4fb8050

  • SHA256

    fa192bc0547b607eb3004ca5cf5bbb30322f2b44ef5745b21d25a6addafa8ccf

  • SHA512

    ad2fc05b5a63002f7fdd23adf0264053dcbdf9c00702e5e09bbb98265bfcdcdd9328ada963ed1ea498aaec70b27830cac9f1adecd7c60f680216196b69dec38c

  • SSDEEP

    12288:Z594+AcL4tBekiuKzEr2f5g4ZFMd5KHqCfa7sXl:BL4tBekiuVrw5DXCUYsX

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1ce55bc50251f1exeexeexeex.exe
    "C:\Users\Admin\AppData\Local\Temp\1ce55bc50251f1exeexeexeex.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2320
    • C:\Users\Admin\AppData\Local\Temp\2685.tmp
      "C:\Users\Admin\AppData\Local\Temp\2685.tmp" --helpC:\Users\Admin\AppData\Local\Temp\1ce55bc50251f1exeexeexeex.exe 98017150EB87F20FA91C2F46D6EEF5DB233C574618D8D3E545E5CFE3C1E2C5E7DA244D2FC77F17F44015D96238CD69FEDB20A529673365524D8A36A26F0A14D5
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:3052

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\2685.tmp
    Filesize

    428KB

    MD5

    66e4d7976dc6f27ce11f51dceaba470d

    SHA1

    431139b35087f73b9fb925cc5a6ff1301ae7a69f

    SHA256

    e882efd8ec052963e709eed02d99b47b54d5e97653df1c8087150c7afc1fb489

    SHA512

    c9fe0cd9f3a100166777f9d9fabf1025459c50772cc35c2223942d0fbb1522410a29460b59a51e0a020a68472bfa4eecccd5d3270b1fa0869c7f7bff09061352

    Download Submit

  • \Users\Admin\AppData\Local\Temp\2685.tmp
    Filesize

    428KB

    MD5

    66e4d7976dc6f27ce11f51dceaba470d

    SHA1

    431139b35087f73b9fb925cc5a6ff1301ae7a69f

    SHA256

    e882efd8ec052963e709eed02d99b47b54d5e97653df1c8087150c7afc1fb489

    SHA512

    c9fe0cd9f3a100166777f9d9fabf1025459c50772cc35c2223942d0fbb1522410a29460b59a51e0a020a68472bfa4eecccd5d3270b1fa0869c7f7bff09061352

    Download Submit