Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

13e7286769...39.exe

windows7-x64

7

13e7286769...39.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    117s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    21/08/2023, 05:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    13e72867699644e1f356953797bb31d92d2fe4f514c1cb2e698724ebabbc1939.exe

  • Size

    6.4MB

  • MD5

    a25c2ad9dca3e43753aa1a2b3a058850

  • SHA1

    a17f0ef5ff2813ceec236d3e5ea053c84071aa59

  • SHA256

    13e72867699644e1f356953797bb31d92d2fe4f514c1cb2e698724ebabbc1939

  • SHA512

    2316864797c365bbad6865a1125ceaa9facc225e46bb70ac1379dfd84b2d2a704d0715a3b0b7460f5dad6532f5e982d51a2350430a6a6d77accf5cb51505ade7

  • SSDEEP

    98304:rX2p6LsKcB27OgUWZHwId7Xy9GYGfrLf6jevl9QZ2BWgbHqvvbcB27OgUWZHw3:zw2sWXsoWO8c2sW

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\13e72867699644e1f356953797bb31d92d2fe4f514c1cb2e698724ebabbc1939.exe
    "C:\Users\Admin\AppData\Local\Temp\13e72867699644e1f356953797bb31d92d2fe4f514c1cb2e698724ebabbc1939.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:2184

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\ExuiKrnln_Win32_20230421.lib
    Filesize

    1.5MB

    MD5

    ef48d7cc52338513cc0ce843c5e3916b

    SHA1

    20965d86b7b358edf8b5d819302fa7e0e6159c18

    SHA256

    835bfef980ad0cedf10d8ade0cf5671d9f56062f2b22d0a0547b07772ceb25a8

    SHA512

    fd4602bd487eaad5febb5b3e9d8fe75f4190d1e44e538e7ae2d2129087f35b72b254c85d7335a81854aa2bdb4f0f2fa22e02a892ee23ac57b78cdd03a79259b9

    Download Submit

  • memory/2184-54-0x0000000002610000-0x00000000029B8000-memory.dmp

    Filesize

    3.7MB

    Download

  • memory/2184-59-0x0000000000280000-0x0000000000281000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2184-58-0x0000000002610000-0x00000000029B8000-memory.dmp

    Filesize

    3.7MB

    Download

  • memory/2184-60-0x0000000002610000-0x00000000029B8000-memory.dmp

    Filesize

    3.7MB

    Download

  • memory/2184-62-0x0000000002610000-0x00000000029B8000-memory.dmp

    Filesize

    3.7MB

    Download