Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

94ce7b0651...c5.exe

windows7-x64

7

94ce7b0651...c5.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    117s
  • max time network
    130s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    24/08/2023, 15:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    94ce7b06515e60c6620048565c597a933f13070d4361af8b7f0ea09f072facc5.exe

  • Size

    7.2MB

  • MD5

    77aa6abcaedbc1bae0eada23bc61ad22

  • SHA1

    8e122304becadfb03d70bfaed6c284528152b0ee

  • SHA256

    94ce7b06515e60c6620048565c597a933f13070d4361af8b7f0ea09f072facc5

  • SHA512

    98863e2e3247843c94853796e1e757ee1641a9fbb5f50826afd4f84fc1522c8e5765694237851c1ce17a4210692f513415817b1a405f92b5b761f6eb5a8bc661

  • SSDEEP

    196608:pxQwZcUymL2V76+D3c/f/+SvYEYiZRO9oe50DY:8vmL2V76m3c/eALZRO9oVY

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 5 IoCs
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\94ce7b06515e60c6620048565c597a933f13070d4361af8b7f0ea09f072facc5.exe
    "C:\Users\Admin\AppData\Local\Temp\94ce7b06515e60c6620048565c597a933f13070d4361af8b7f0ea09f072facc5.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2232
    • C:\Users\Admin\AppData\Local\Temp\94ce7b06515e60c6620048565c597a933f13070d4361af8b7f0ea09f072facc5.exe
      "C:\Users\Admin\AppData\Local\Temp\94ce7b06515e60c6620048565c597a933f13070d4361af8b7f0ea09f072facc5.exe"
      2⤵
      • Loads dropped DLL
      PID:1060

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI22322\VCRUNTIME140.dll
    Filesize

    96KB

    MD5

    f12681a472b9dd04a812e16096514974

    SHA1

    6fd102eb3e0b0e6eef08118d71f28702d1a9067c

    SHA256

    d66c3b47091ceb3f8d3cc165a43d285ae919211a0c0fcb74491ee574d8d464f8

    SHA512

    7d3accbf84de73fb0c5c0de812a9ed600d39cd7ed0f99527ca86a57ce63f48765a370e913e3a46ffc2ccd48ee07d823dafdd157710eef9e7cc1eb7505dc323a2

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI22322\VCRUNTIME140.dll
    Filesize

    96KB

    MD5

    f12681a472b9dd04a812e16096514974

    SHA1

    6fd102eb3e0b0e6eef08118d71f28702d1a9067c

    SHA256

    d66c3b47091ceb3f8d3cc165a43d285ae919211a0c0fcb74491ee574d8d464f8

    SHA512

    7d3accbf84de73fb0c5c0de812a9ed600d39cd7ed0f99527ca86a57ce63f48765a370e913e3a46ffc2ccd48ee07d823dafdd157710eef9e7cc1eb7505dc323a2

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI22322\_bz2.pyd
    Filesize

    81KB

    MD5

    a4b636201605067b676cc43784ae5570

    SHA1

    e9f49d0fc75f25743d04ce23c496eb5f89e72a9a

    SHA256

    f178e29921c04fb68cc08b1e5d1181e5df8ce1de38a968778e27990f4a69973c

    SHA512

    02096bc36c7a9ecfa1712fe738b5ef8b78c6964e0e363136166657c153727b870a6a44c1e1ec9b81289d1aa0af9c85f1a37b95b667103edc2d3916280b6a9488

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI22322\_bz2.pyd
    Filesize

    81KB

    MD5

    a4b636201605067b676cc43784ae5570

    SHA1

    e9f49d0fc75f25743d04ce23c496eb5f89e72a9a

    SHA256

    f178e29921c04fb68cc08b1e5d1181e5df8ce1de38a968778e27990f4a69973c

    SHA512

    02096bc36c7a9ecfa1712fe738b5ef8b78c6964e0e363136166657c153727b870a6a44c1e1ec9b81289d1aa0af9c85f1a37b95b667103edc2d3916280b6a9488

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI22322\_lzma.pyd
    Filesize

    154KB

    MD5

    b5fbc034ad7c70a2ad1eb34d08b36cf8

    SHA1

    4efe3f21be36095673d949cceac928e11522b29c

    SHA256

    80a6ebe46f43ffa93bbdbfc83e67d6f44a44055de1439b06e4dd2983cb243df6

    SHA512

    e7185da748502b645030c96d3345d75814ba5fd95a997c2d1c923d981c44d5b90db64faf77ddbbdc805769af1bec37daf0ecee0930a248b67a1c2d92b59c250c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI22322\_lzma.pyd
    Filesize

    154KB

    MD5

    b5fbc034ad7c70a2ad1eb34d08b36cf8

    SHA1

    4efe3f21be36095673d949cceac928e11522b29c

    SHA256

    80a6ebe46f43ffa93bbdbfc83e67d6f44a44055de1439b06e4dd2983cb243df6

    SHA512

    e7185da748502b645030c96d3345d75814ba5fd95a997c2d1c923d981c44d5b90db64faf77ddbbdc805769af1bec37daf0ecee0930a248b67a1c2d92b59c250c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI22322\base_library.zip
    Filesize

    1.0MB

    MD5

    e4973e8005b4e468763d2bc546150cd7

    SHA1

    5394d765091ddbc1c60447dfc5ca6ebcb995d84b

    SHA256

    f597ac850fca783bb2b7fd2a2b680cf679d973d91774740e07ade1b79d9e986d

    SHA512

    e0ac187931c5488a635f5227b6bcbdb4a307918082638fe6c91128dd7e341517dec40fd37aa7c609ca2ecc89b16741d3c29bef177d69a57563bb3735b913ec7b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI22322\python310.dll
    Filesize

    4.3MB

    MD5

    c80b5cb43e5fe7948c3562c1fff1254e

    SHA1

    f73cb1fb9445c96ecd56b984a1822e502e71ab9d

    SHA256

    058925e4bbfcb460a3c00ec824b8390583baef0c780a7c7ff01d43d9eec45f20

    SHA512

    faa97a9d5d2a0bf78123f19f8657c24921b907268938c26f79e1df6d667f7bee564259a3a11022e8629996406cda9fa00434bb2b1de3e10b9bddc59708dbad81

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI22322\python310.dll
    Filesize

    4.3MB

    MD5

    c80b5cb43e5fe7948c3562c1fff1254e

    SHA1

    f73cb1fb9445c96ecd56b984a1822e502e71ab9d

    SHA256

    058925e4bbfcb460a3c00ec824b8390583baef0c780a7c7ff01d43d9eec45f20

    SHA512

    faa97a9d5d2a0bf78123f19f8657c24921b907268938c26f79e1df6d667f7bee564259a3a11022e8629996406cda9fa00434bb2b1de3e10b9bddc59708dbad81

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI22322\ucrtbase.dll
    Filesize

    987KB

    MD5

    7b809ab173d42eeac1173b8da32f885f

    SHA1

    fa6f239bbd881676804f994bb756e9319545b3f7

    SHA256

    108fd8ef417e441c3f4ad978f48f93053cae4a719fde055d65f482aaa2d1b978

    SHA512

    a20604ecc02ff622338ad6b81f683f7e483db72d2c7c26fb64ba9d6f5f8ecf6961aea443be31f58eb7843300aeba2f82be871157a74d894a48ac81581a4aa2b1

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI22322\ucrtbase.dll
    Filesize

    987KB

    MD5

    7b809ab173d42eeac1173b8da32f885f

    SHA1

    fa6f239bbd881676804f994bb756e9319545b3f7

    SHA256

    108fd8ef417e441c3f4ad978f48f93053cae4a719fde055d65f482aaa2d1b978

    SHA512

    a20604ecc02ff622338ad6b81f683f7e483db72d2c7c26fb64ba9d6f5f8ecf6961aea443be31f58eb7843300aeba2f82be871157a74d894a48ac81581a4aa2b1

    Download Submit