Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

66c3200d2f...10.exe

windows7-x64

7

66c3200d2f...10.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    122s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    17/08/2023, 20:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    66c3200d2f79524d0d0e01248a8f431249b678cc9b893067a37a7312e1128410.exe

  • Size

    13.0MB

  • MD5

    d663aadd2ec44fb8271e829503dde439

  • SHA1

    0e27299a2902f3a4469758be16cc90ce1e582c96

  • SHA256

    66c3200d2f79524d0d0e01248a8f431249b678cc9b893067a37a7312e1128410

  • SHA512

    354a06bca4091c2d61a1a40ff5fe273b4d1ae2095c8d78009ac1dcccf6df86a672dbb15fbf7d9d2cc2d28edcad6376c6990b92cc0664bf3f4a5fd6c1f196908c

  • SSDEEP

    196608:ZAHabVK0+Gw5s8aH0pFAHqolDYTrkgxEFdEJV2:uHcVKYw5naH8eHlDsWdEm

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • UPX packed file 7 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\66c3200d2f79524d0d0e01248a8f431249b678cc9b893067a37a7312e1128410.exe
    "C:\Users\Admin\AppData\Local\Temp\66c3200d2f79524d0d0e01248a8f431249b678cc9b893067a37a7312e1128410.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:2636

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\ExuiKrnln_Win32_20230812.lib
    Filesize

    1.6MB

    MD5

    3ea488a82fba1995e5d25b8a076389dd

    SHA1

    25c597347e9dd839778bb3d13db08787d63c518a

    SHA256

    66a2ffa3d87640746a66b0d59d81a53b52b17a10f3b1a85f3193e33d59eb0cd6

    SHA512

    df29c219d040be58d94dd46ed90d00141b4111dd00a01045eb45752463d33cca8167147b035ab7a4e09d64b753579978bbc08d72881ad723adafa79f01da88d2

    Download Submit

  • memory/2636-57-0x0000000010000000-0x00000000105A1000-memory.dmp

    Filesize

    5.6MB

    Download

  • memory/2636-58-0x0000000010000000-0x00000000105A1000-memory.dmp

    Filesize

    5.6MB

    Download

  • memory/2636-60-0x0000000010000000-0x00000000105A1000-memory.dmp

    Filesize

    5.6MB

    Download

  • memory/2636-59-0x0000000010000000-0x00000000105A1000-memory.dmp

    Filesize

    5.6MB

    Download

  • memory/2636-62-0x0000000010000000-0x00000000105A1000-memory.dmp

    Filesize

    5.6MB

    Download

  • memory/2636-61-0x0000000010000000-0x00000000105A1000-memory.dmp

    Filesize

    5.6MB

    Download

  • memory/2636-64-0x0000000010000000-0x00000000105A1000-memory.dmp

    Filesize

    5.6MB

    Download