Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

337df40fd1...2c.exe

windows7-x64

10

337df40fd1...2c.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    118s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    24/08/2023, 03:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    337df40fd12949340ed91623721de19acb03a1b27c18129395e5f248b371042c.exe

  • Size

    68KB

  • MD5

    b174d60c1dd7af07bdebeb7b49a0b02e

  • SHA1

    78a5b281841f9556f8945ce0ebb92a5062e4a88c

  • SHA256

    337df40fd12949340ed91623721de19acb03a1b27c18129395e5f248b371042c

  • SHA512

    20e97b4cdfa135d3f7aaf3850f99ad4dcb749e20ab23c2cf175b8c16c5591140000d8aa5937996f47f4288c71f556136b0995ad9cce50bd514869a09837ae9e0

  • SSDEEP

    768:ApVgsUQhyqz60zOL2H8PBe6wcFA+9oma:ApV1UQtzRzO2H8PBbFema

Score
10/10
cobaltstrikebackdoortrojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.7.130:6777/SiTM

Attributes
  • user_agent

    User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; yie9)

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\337df40fd12949340ed91623721de19acb03a1b27c18129395e5f248b371042c.exe
    "C:\Users\Admin\AppData\Local\Temp\337df40fd12949340ed91623721de19acb03a1b27c18129395e5f248b371042c.exe"
    1⤵
      PID:2656

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2656-0-0x000000013FB50000-0x000000013FB78000-memory.dmp

      Filesize

      160KB

      Download

    • memory/2656-1-0x000000013FB50000-0x000000013FB78000-memory.dmp

      Filesize

      160KB

      Download