Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

6b87a83640...ex.exe

windows7-x64

7

6b87a83640...ex.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    142s
  • max time network
    147s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    08/07/2023, 10:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6b87a83640d9c8exeexeexeex.exe

  • Size

    412KB

  • MD5

    6b87a83640d9c8f5c2625045e51f8253

  • SHA1

    31acc1d7a2297a7dbfc4d7968f75669a3fc119c2

  • SHA256

    d8f21c94fca09911b02cccbe37b87f731335d91c6e7095b93f54dc3126cc97da

  • SHA512

    cd4bb9c7b2904bbfa30288a919f99f86ec768cdc696718f0e29c206418cc65d6be4bf5ac6b5367282c7c576dfe183896b53133801c5549fd57792c23028236a1

  • SSDEEP

    6144:UooTAQjKG3wDGAeIc9kphIoDZngByQ1q1tUiEeLYO4Q3hc7FZPCJ0sU3BQa7P:U6PCrIc9kph5m3wqeL07FZPCJk3z7

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\6b87a83640d9c8exeexeexeex.exe
    "C:\Users\Admin\AppData\Local\Temp\6b87a83640d9c8exeexeexeex.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4376
    • C:\Users\Admin\AppData\Local\Temp\7000.tmp
      "C:\Users\Admin\AppData\Local\Temp\7000.tmp" --pingC:\Users\Admin\AppData\Local\Temp\6b87a83640d9c8exeexeexeex.exe 01DE1084EAF5056D7B06D4BE2DB3CC4D127A31D29613CDF814B8E8E60AD22B72B28B0BCF1951346ADF48A0CB9792582F1B6020B5DE4B1DA0AFFA852DE813DEB9
      2⤵
      • Executes dropped EXE
      PID:3672

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\7000.tmp
    Filesize

    412KB

    MD5

    24ab3d97e5cecb224c0253be6f3475e0

    SHA1

    bea3effe198eb18dfeffd8e705ee9f6381557dec

    SHA256

    4bf1d87d35ca6cbfbf8336cb8bd52737baa2d9c747e9da2a803fe9cdc21d2df2

    SHA512

    6b742571f669d0147d180b125146138082d293922481516ce05bebed675a0ab56506f7cf914d674754fca9a5447aae04ed0464b33cecf75291cf90f53b8a0871

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\7000.tmp
    Filesize

    412KB

    MD5

    24ab3d97e5cecb224c0253be6f3475e0

    SHA1

    bea3effe198eb18dfeffd8e705ee9f6381557dec

    SHA256

    4bf1d87d35ca6cbfbf8336cb8bd52737baa2d9c747e9da2a803fe9cdc21d2df2

    SHA512

    6b742571f669d0147d180b125146138082d293922481516ce05bebed675a0ab56506f7cf914d674754fca9a5447aae04ed0464b33cecf75291cf90f53b8a0871

    Download Submit