Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

9cf284d390...c0.exe

windows7-x64

7

9cf284d390...c0.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    02/10/2023, 19:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9cf284d390b2d8443e03ff7fcd3c625668d44c50e9fc01eeb6b0bd59b27971c0.exe

  • Size

    2.5MB

  • MD5

    9cd4aeb02afaf13f51a7cda6c31fddb2

  • SHA1

    f0c95e3336621bacd6d41c7947f84920890b59c2

  • SHA256

    9cf284d390b2d8443e03ff7fcd3c625668d44c50e9fc01eeb6b0bd59b27971c0

  • SHA512

    e2b6201c91d8c35db184e5dca15b2deaee962b694a04b2b5b549c6f7e2486d3bd9b8781f86d9a53eead2ed9d9bb064358736216d727619dbe1ed6d8cb7b0eb79

  • SSDEEP

    24576:WrZkefjs/vTWSHmIIxV7S1QoNusEmd7TXvne7vMbElbUlhvP99tw85G27RpJlIqE:WRVvsEqXveyQMZP93nVpJNWj2VEnMY

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\9cf284d390b2d8443e03ff7fcd3c625668d44c50e9fc01eeb6b0bd59b27971c0.exe
    "C:\Users\Admin\AppData\Local\Temp\9cf284d390b2d8443e03ff7fcd3c625668d44c50e9fc01eeb6b0bd59b27971c0.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:2280

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\efd.dll
    Filesize

    35KB

    MD5

    2fce4202a6fed07730175335b2bde1ea

    SHA1

    9c7e039ab121c8fe0aaa64b2a75224d41c35365a

    SHA256

    1e402b803fead55dc58fc2c08997319d2cbf9fd958e8ff388ed276e585900865

    SHA512

    e2bc52b79927cec05e0a12b89489a42726a3fc2c7f9b2f6544c28d7d8c41d6e890464b145d21dce334589b014e3a00ede823ec11b96b4406cba9d58e2c0a5150

    Download Submit

  • \Users\Admin\AppData\Local\Temp\efd.dll
    Filesize

    35KB

    MD5

    2fce4202a6fed07730175335b2bde1ea

    SHA1

    9c7e039ab121c8fe0aaa64b2a75224d41c35365a

    SHA256

    1e402b803fead55dc58fc2c08997319d2cbf9fd958e8ff388ed276e585900865

    SHA512

    e2bc52b79927cec05e0a12b89489a42726a3fc2c7f9b2f6544c28d7d8c41d6e890464b145d21dce334589b014e3a00ede823ec11b96b4406cba9d58e2c0a5150

    Download Submit