Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

8bc4eba355...ex.exe

windows7-x64

7

8bc4eba355...ex.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    71s
  • max time network
    76s
  • platform
    windows7_x64
  • resource
    win7-20230705-en
  • resource tags

    arch:x64arch:x86image:win7-20230705-enlocale:en-usos:windows7-x64system
  • submitted
    08/07/2023, 17:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8bc4eba3558f90exeexeexeex.exe

  • Size

    412KB

  • MD5

    8bc4eba3558f90acee4ff235b5be1d65

  • SHA1

    3f7dad9ccdebec74416e0b25ac57fb135b1c2578

  • SHA256

    f6b52f83546221947f8ff771b14cc45d05bcc0597d7879d68adc77a5802a789d

  • SHA512

    a2c1ba0dbeefdf14fb7b4621dbbde95949348e49afcbffda9bc74672918e395e3ed48fe299e9707d9117c127db3627cb284c4b39f3230ab8c99ba38cfb01fad0

  • SSDEEP

    6144:UooTAQjKG3wDGAeIc9kphIoDZnjpZT4NzzrJO+jIiAG2bZWDi/BbvpbnR8RP:U6PCrIc9kph5l4N3sFlG2kDOrR0

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8bc4eba3558f90exeexeexeex.exe
    "C:\Users\Admin\AppData\Local\Temp\8bc4eba3558f90exeexeexeex.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:3052
    • C:\Users\Admin\AppData\Local\Temp\780E.tmp
      "C:\Users\Admin\AppData\Local\Temp\780E.tmp" --pingC:\Users\Admin\AppData\Local\Temp\8bc4eba3558f90exeexeexeex.exe B3C5A8D1D2D217945733CBA59B36FFCDE1477E867CAE7A5465558075A1142D28DA9B2209C555B5DB8AA9F624A66C522C6292FDD8BC8A0AE1683DF62E3F59A600
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2876

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\780E.tmp
    Filesize

    412KB

    MD5

    b2b6be9b4d990316ae4d8ee76c41fa7e

    SHA1

    e48239f2fdf005eba53d0379298157b1228f87a0

    SHA256

    15e891a3ee89b960e6e5fe473cca0de0816d48bfe906dd30a63fb576a2107078

    SHA512

    ba167c49ea02898165bc3f2377c1b75e2ce98addf230c77acc36e84d74d670363514e0b13667b80d112b5cf2175215be63406f2c941b25a246744d82e99ef7af

    Download Submit

  • \Users\Admin\AppData\Local\Temp\780E.tmp
    Filesize

    412KB

    MD5

    b2b6be9b4d990316ae4d8ee76c41fa7e

    SHA1

    e48239f2fdf005eba53d0379298157b1228f87a0

    SHA256

    15e891a3ee89b960e6e5fe473cca0de0816d48bfe906dd30a63fb576a2107078

    SHA512

    ba167c49ea02898165bc3f2377c1b75e2ce98addf230c77acc36e84d74d670363514e0b13667b80d112b5cf2175215be63406f2c941b25a246744d82e99ef7af

    Download Submit