Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

68391e2e7b...ex.exe

windows7-x64

7

68391e2e7b...ex.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    143s
  • max time network
    148s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    08/07/2023, 09:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    68391e2e7b1821exeexeexeex.exe

  • Size

    411KB

  • MD5

    68391e2e7b182114dd74caa101302b3b

  • SHA1

    d0b5bb05f8d526515b21980282f56d4b7fdd976e

  • SHA256

    2ed44e21a3521f7339b96b8eeecddf2876959a6b97677735d79ef15c82883096

  • SHA512

    1590b7111ab187a5ddf6f188388406f9d246498d2da731ddb07abf0ab9296e1508e87f58bf25bda67cca621e983e17ca4d39b3da7cbfa955d4a2715360643d89

  • SSDEEP

    6144:gVdvczEb7GUOpYWhNVynE/mFCy3+7I4A6LiEOM4aab0KV39SqHI:gZLolhNVyETA+7I4A62x7R0qHI

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\68391e2e7b1821exeexeexeex.exe
    "C:\Users\Admin\AppData\Local\Temp\68391e2e7b1821exeexeexeex.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4564
    • C:\Users\Admin\AppData\Local\Temp\9EB1.tmp
      "C:\Users\Admin\AppData\Local\Temp\9EB1.tmp" --pingC:\Users\Admin\AppData\Local\Temp\68391e2e7b1821exeexeexeex.exe 71A2C4395314F85C62A41084AD7ADCB1A8C99E159D20CB877F2B275956CB28A4D69894C7BFEE18DB669E427718650DD037C2CC2B0FC93F6A1623F2BD65A7AADF
      2⤵
      • Executes dropped EXE
      PID:4748

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\9EB1.tmp
    Filesize

    411KB

    MD5

    8fbbb80c0717312a596b4c7d936fd7e7

    SHA1

    f385aa57bf8e7615ab11510f04806ac5d940a695

    SHA256

    ba46247e199a3ec1c62ec58c9c4f7e9305f22c01bb6a39d63f47ab2a3eee48d1

    SHA512

    7bfa9fb1ac76fbedcae6bcee3020a669c8d9bc56b69887d7a490b450cf44304db9725b19564d020e98777dbcde71165f394eb37c110e1b300a0932d4e3c6aff9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\9EB1.tmp
    Filesize

    411KB

    MD5

    8fbbb80c0717312a596b4c7d936fd7e7

    SHA1

    f385aa57bf8e7615ab11510f04806ac5d940a695

    SHA256

    ba46247e199a3ec1c62ec58c9c4f7e9305f22c01bb6a39d63f47ab2a3eee48d1

    SHA512

    7bfa9fb1ac76fbedcae6bcee3020a669c8d9bc56b69887d7a490b450cf44304db9725b19564d020e98777dbcde71165f394eb37c110e1b300a0932d4e3c6aff9

    Download Submit