Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

90912c8739...6c.exe

windows7-x64

7

90912c8739...6c.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    122s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    03/09/2023, 07:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    90912c8739fbf124cdb944ac854790333bffea36ff74f1d54c60749ea19e266c.exe

  • Size

    7.2MB

  • MD5

    595075ec0222e8f4bd67bd8e3cb8d741

  • SHA1

    c4ab3b1027a5982d995509ec0cfb34c986122171

  • SHA256

    90912c8739fbf124cdb944ac854790333bffea36ff74f1d54c60749ea19e266c

  • SHA512

    afd291ca6e74eb4b8e28712085281cee5ca1c769b871c14563f93569c48a989bfb4600d1d4f62c5854d458ce608133b21742cd25dfe6e26c47841c86f5f3a441

  • SSDEEP

    196608:8nGCai9jNHkm8wO0zva560V8b0c9r6cBSdsOSPlo:eai95HC0zvaQ0G4IrJShQo

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 7 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\90912c8739fbf124cdb944ac854790333bffea36ff74f1d54c60749ea19e266c.exe
    "C:\Users\Admin\AppData\Local\Temp\90912c8739fbf124cdb944ac854790333bffea36ff74f1d54c60749ea19e266c.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2972
    • C:\Users\Admin\AppData\Local\Temp\90912c8739fbf124cdb944ac854790333bffea36ff74f1d54c60749ea19e266c.exe
      "C:\Users\Admin\AppData\Local\Temp\90912c8739fbf124cdb944ac854790333bffea36ff74f1d54c60749ea19e266c.exe"
      2⤵
      • Loads dropped DLL
      PID:2748

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI29722\api-ms-win-core-file-l1-2-0.dll
    Filesize

    18KB

    MD5

    395d39f6ec3e09c5194899434150cdf7

    SHA1

    abd262b486e1adc39b40dbfe012a551c732dfd69

    SHA256

    ecc40b2c80300b94615b450d5a97ed15ce51aa929c73da22c906ab01856f8223

    SHA512

    0f55725eb8609ae52c45ff7e255c3e23bff0b9e049f2f37cb4fc12841ad9f5ed8264307961cbd27031997c29ce04677b646f9c859fc629b25186ec52f735ba36

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI29722\api-ms-win-core-file-l2-1-0.dll
    Filesize

    18KB

    MD5

    f2cd3227975bd33ae08e34221d223ca6

    SHA1

    26b19fd814ea86825244e7a7cf82e7eddc189895

    SHA256

    f88209bb4993bfbcfc9727d101a4f1ecf84649ca5fd15b264faac11daf19ac7f

    SHA512

    690408ba6d88ad97334a8f9012c5db5c4d46d70cd9519f1d8e9131d1044805dce992d89167ef12d0192f4e5ab079722b88700df9601c05674267fc4f8d5486e3

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI29722\api-ms-win-core-localization-l1-2-0.dll
    Filesize

    21KB

    MD5

    b178f49844a5168d29d5cce20a6303e3

    SHA1

    29dd5bd890addbba1d8a9aeacb68716f8208da73

    SHA256

    9358400795afcc41f5e748e20b139cfbb1ac976b3e460597b0b21893d647276d

    SHA512

    b65308d482342291069314e9f99964c3479ea41579db17d3cbe3888318bb7605ee67c11a40f14609665a419f44a61809513bddb8b3657b24a4bac16bb274664f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI29722\api-ms-win-core-processthreads-l1-1-1.dll
    Filesize

    19KB

    MD5

    da1c671169dd183afca9ac76f46fd86e

    SHA1

    47a1bd0c45d5b87351870b8dd2122da30638ec83

    SHA256

    e5c2478571ab260776b547579acd847bdecac9b4b9b4590d4ac7c80135c68930

    SHA512

    5e6eb5525a77ac63bbae2288fecfd5712aff5c194e55d93239ae6171b8602de9d029ca725f15efb03890dff57a34c07435687e87a20839d614cc9c90fdf06f5d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI29722\api-ms-win-core-timezone-l1-1-0.dll
    Filesize

    18KB

    MD5

    c54a336fdc425291b1d972f6fbaca6c7

    SHA1

    ea3872c198f3f41e41dcc42cf92aabbc6540579d

    SHA256

    8d1f5410f8b4326876410b45fcdcabb96bea4941f71ea5b11cb6dae80e6bdd49

    SHA512

    abe7694493ce2e367582be1155fb5100a7840e67eb1f646dbd5360a47b430ec03634a3f1a940a8a5f555d96da0fdab66a4a2de544b847234e38b588cf597e0e9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI29722\python311.dll
    Filesize

    4.7MB

    MD5

    d78c6f9fe07f71a21f94d6517438d62d

    SHA1

    715692354d2413c401d98dd94e5f531308ab4170

    SHA256

    1dac366b84b766a81b8ac37786b0d9d236815bee6ce807511898791f8bf5ad09

    SHA512

    622d85208ee69e691632d25bbbc99122e3c98e1e72230e5397740d64fd221d4dbbfd4967e991db77ebd3d6840f9a48315a95e7c1f4b9af8c3c5ec3a45ee346b1

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI29722\ucrtbase.dll
    Filesize

    1.1MB

    MD5

    56c025c8d0c108bdf7000471adb20a92

    SHA1

    516e45cb54b1ec2c39c3845a66cc132e587fb4b1

    SHA256

    704d94de45f64f6213727e5c34ca61e702c2d1f28c58a6815e97da999265bb50

    SHA512

    2268bb970c92629be957ced61b3144764f1dfe9df4663064c72b86527fd63bd34550323673125979710b8450bd3f8e36312d40684a989b74cee50e251ea5ea42

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI29722\api-ms-win-core-file-l1-2-0.dll
    Filesize

    18KB

    MD5

    395d39f6ec3e09c5194899434150cdf7

    SHA1

    abd262b486e1adc39b40dbfe012a551c732dfd69

    SHA256

    ecc40b2c80300b94615b450d5a97ed15ce51aa929c73da22c906ab01856f8223

    SHA512

    0f55725eb8609ae52c45ff7e255c3e23bff0b9e049f2f37cb4fc12841ad9f5ed8264307961cbd27031997c29ce04677b646f9c859fc629b25186ec52f735ba36

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI29722\api-ms-win-core-file-l2-1-0.dll
    Filesize

    18KB

    MD5

    f2cd3227975bd33ae08e34221d223ca6

    SHA1

    26b19fd814ea86825244e7a7cf82e7eddc189895

    SHA256

    f88209bb4993bfbcfc9727d101a4f1ecf84649ca5fd15b264faac11daf19ac7f

    SHA512

    690408ba6d88ad97334a8f9012c5db5c4d46d70cd9519f1d8e9131d1044805dce992d89167ef12d0192f4e5ab079722b88700df9601c05674267fc4f8d5486e3

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI29722\api-ms-win-core-localization-l1-2-0.dll
    Filesize

    21KB

    MD5

    b178f49844a5168d29d5cce20a6303e3

    SHA1

    29dd5bd890addbba1d8a9aeacb68716f8208da73

    SHA256

    9358400795afcc41f5e748e20b139cfbb1ac976b3e460597b0b21893d647276d

    SHA512

    b65308d482342291069314e9f99964c3479ea41579db17d3cbe3888318bb7605ee67c11a40f14609665a419f44a61809513bddb8b3657b24a4bac16bb274664f

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI29722\api-ms-win-core-processthreads-l1-1-1.dll
    Filesize

    19KB

    MD5

    da1c671169dd183afca9ac76f46fd86e

    SHA1

    47a1bd0c45d5b87351870b8dd2122da30638ec83

    SHA256

    e5c2478571ab260776b547579acd847bdecac9b4b9b4590d4ac7c80135c68930

    SHA512

    5e6eb5525a77ac63bbae2288fecfd5712aff5c194e55d93239ae6171b8602de9d029ca725f15efb03890dff57a34c07435687e87a20839d614cc9c90fdf06f5d

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI29722\api-ms-win-core-timezone-l1-1-0.dll
    Filesize

    18KB

    MD5

    c54a336fdc425291b1d972f6fbaca6c7

    SHA1

    ea3872c198f3f41e41dcc42cf92aabbc6540579d

    SHA256

    8d1f5410f8b4326876410b45fcdcabb96bea4941f71ea5b11cb6dae80e6bdd49

    SHA512

    abe7694493ce2e367582be1155fb5100a7840e67eb1f646dbd5360a47b430ec03634a3f1a940a8a5f555d96da0fdab66a4a2de544b847234e38b588cf597e0e9

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI29722\python311.dll
    Filesize

    4.7MB

    MD5

    d78c6f9fe07f71a21f94d6517438d62d

    SHA1

    715692354d2413c401d98dd94e5f531308ab4170

    SHA256

    1dac366b84b766a81b8ac37786b0d9d236815bee6ce807511898791f8bf5ad09

    SHA512

    622d85208ee69e691632d25bbbc99122e3c98e1e72230e5397740d64fd221d4dbbfd4967e991db77ebd3d6840f9a48315a95e7c1f4b9af8c3c5ec3a45ee346b1

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI29722\ucrtbase.dll
    Filesize

    1.1MB

    MD5

    56c025c8d0c108bdf7000471adb20a92

    SHA1

    516e45cb54b1ec2c39c3845a66cc132e587fb4b1

    SHA256

    704d94de45f64f6213727e5c34ca61e702c2d1f28c58a6815e97da999265bb50

    SHA512

    2268bb970c92629be957ced61b3144764f1dfe9df4663064c72b86527fd63bd34550323673125979710b8450bd3f8e36312d40684a989b74cee50e251ea5ea42

    Download Submit