Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

703faa9f65...1a.exe

windows7-x64

7

703faa9f65...1a.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    25/08/2023, 01:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    703faa9f657a787dd01bf39ec87d57faa575571222b46cc020e2c5242c85731a.exe

  • Size

    2.2MB

  • MD5

    f5e79be0233533c7dd1489cdc2d58560

  • SHA1

    8d5778b92e94a4a2deb6f699cbca173be8dc833a

  • SHA256

    703faa9f657a787dd01bf39ec87d57faa575571222b46cc020e2c5242c85731a

  • SHA512

    208f08cc76fb130f52f120c74d44036d4ec15eb97021d5a9b9a624d1c9496fa0145dc2880463401c856efc88462b38667cfbc847072a036168578a38811b0b1b

  • SSDEEP

    24576:WwUhGIZ9Z44vHzSul4SD6q13dlteMMgph6k1Xtu4KDU9ugtJJHnySb0GVzv0o1Oe:Wa4DFt7hb0G2e8lhm23aZjoE

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\703faa9f657a787dd01bf39ec87d57faa575571222b46cc020e2c5242c85731a.exe
    "C:\Users\Admin\AppData\Local\Temp\703faa9f657a787dd01bf39ec87d57faa575571222b46cc020e2c5242c85731a.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: RenamesItself
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1672
    • C:\Users\Admin\AppData\Local\Temp\703faa9f657a787dd01bf39ec87d57faa575571222b46cc020e2c5242c85731a.exe
      C:\Users\Admin\AppData\Local\Temp\703faa9f657a787dd01bf39ec87d57faa575571222b46cc020e2c5242c85731a.exe --
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:2252

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\703faa9f657a787dd01bf39ec87d57faa575571222b46cc020e2c5242c85731a.exe
    Filesize

    2.2MB

    MD5

    45c2653a02f7da9ee2222b8a1a25070f

    SHA1

    d474e802935f599b355f09344752068315c7e582

    SHA256

    168ec1fda93ae8e85092fc82cbdc56008e9d7827d35e3ee7ed019da0d03bb2c2

    SHA512

    28013774caf1f023911feb2b98863eb8c13b4b7307c51358ef08f45c6568e751f6d8ac3d647803e065ee1c65d562d93b8776c59d555086e57b3dc9d8cd372a22

    Download Submit

  • \Users\Admin\AppData\Local\Temp\703faa9f657a787dd01bf39ec87d57faa575571222b46cc020e2c5242c85731a.exe
    Filesize

    2.2MB

    MD5

    45c2653a02f7da9ee2222b8a1a25070f

    SHA1

    d474e802935f599b355f09344752068315c7e582

    SHA256

    168ec1fda93ae8e85092fc82cbdc56008e9d7827d35e3ee7ed019da0d03bb2c2

    SHA512

    28013774caf1f023911feb2b98863eb8c13b4b7307c51358ef08f45c6568e751f6d8ac3d647803e065ee1c65d562d93b8776c59d555086e57b3dc9d8cd372a22

    Download Submit

  • memory/1672-6-0x0000000000400000-0x000000000067A000-memory.dmp

    Filesize

    2.5MB

    Download