Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

a9694d2955...27.exe

windows7-x64

7

a9694d2955...27.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    144s
  • max time network
    143s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    12/10/2023, 23:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a9694d2955984b5518c2cf639d699bc175824c18608006f61a3985e9247b3127.exe

  • Size

    11.5MB

  • MD5

    ba34311071e0424ac600d01ff443955b

  • SHA1

    1a2da56a643b9ae481d02d6dd779896169e90de0

  • SHA256

    a9694d2955984b5518c2cf639d699bc175824c18608006f61a3985e9247b3127

  • SHA512

    f8ba5b79759f0b844434d231562b33aec4ef8d9b0e296fbce2949fb865cd91ee32babbf3551315f90a7350e8f683d9f2e836158a0780925f654c9715cdca34f0

  • SSDEEP

    196608:8g6hakZlHYaYjfhaLAf1csxAr3mc9BDalQsfu2K6JlsRK87:QhXLYBjfbysxAr3mc9sCaJSRX7

Score
7/10
aspackv2

Malware Config

Signatures

  • ASPack v2.12-2.42 1 IoCs

    Detects executables packed with ASPack v2.12-2.42

    aspackv2
  • Loads dropped DLL 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a9694d2955984b5518c2cf639d699bc175824c18608006f61a3985e9247b3127.exe
    "C:\Users\Admin\AppData\Local\Temp\a9694d2955984b5518c2cf639d699bc175824c18608006f61a3985e9247b3127.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:3048

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\1579481736\ui.dll
    Filesize

    2.6MB

    MD5

    14a4d83af50c93b1e5049e299e2ae93e

    SHA1

    8d47d7fe0e7e289c0d1d1a778ff713e8b976160e

    SHA256

    211bcaf4a5e850653e40a37d63f27479503d793053f801fd9d9a3238c463746b

    SHA512

    f02828c3a03c316396b3a1036799b38ca6d764d4dad430a9460a7253ccad98cb9a4f4fc15a1ee1cbc80cf2105c6e104dda41d5455c7c2378c9dc71de17fe2727

    Download Submit

  • \Users\Admin\AppData\Local\Temp\1579481736\uimod.dll
    Filesize

    6.1MB

    MD5

    d7beff9a0702ee3433e352920a158306

    SHA1

    c659cd53a89b3ba8449b8040bc1b03f0fbafaeb6

    SHA256

    12a3ecd17726e69fec15fca91d3e14cfe0657a3ee90bb3ff13ee10b4535b881f

    SHA512

    7779d789056f345c2ca1a8f0dbbda860cedd64a8867255fa92786ab6a3789ff75acb771b2be75faa74408b5c9166e474f31424f0d34f1dccc59d5be9efcf65f1

    Download Submit

  • memory/3048-53-0x0000000074290000-0x00000000748D2000-memory.dmp

    Filesize

    6.3MB

    Download

  • memory/3048-71-0x0000000000400000-0x00000000017D7000-memory.dmp

    Filesize

    19.8MB

    Download

  • memory/3048-7-0x0000000074290000-0x00000000748D2000-memory.dmp

    Filesize

    6.3MB

    Download

  • memory/3048-8-0x0000000074290000-0x00000000748D2000-memory.dmp

    Filesize

    6.3MB

    Download

  • memory/3048-5-0x0000000074290000-0x00000000748D2000-memory.dmp

    Filesize

    6.3MB

    Download

  • memory/3048-36-0x000000007EF80000-0x000000007EF90000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3048-46-0x0000000000400000-0x00000000017D7000-memory.dmp

    Filesize

    19.8MB

    Download

  • memory/3048-47-0x0000000074290000-0x00000000748D2000-memory.dmp

    Filesize

    6.3MB

    Download

  • memory/3048-48-0x0000000000400000-0x00000000017D7000-memory.dmp

    Filesize

    19.8MB

    Download

  • memory/3048-49-0x0000000074290000-0x00000000748D2000-memory.dmp

    Filesize

    6.3MB

    Download

  • memory/3048-50-0x0000000000400000-0x00000000017D7000-memory.dmp

    Filesize

    19.8MB

    Download

  • memory/3048-56-0x0000000000400000-0x00000000017D7000-memory.dmp

    Filesize

    19.8MB

    Download

  • memory/3048-6-0x0000000074290000-0x00000000748D2000-memory.dmp

    Filesize

    6.3MB

    Download

  • memory/3048-0-0x0000000000400000-0x00000000017D7000-memory.dmp

    Filesize

    19.8MB

    Download

  • memory/3048-52-0x0000000000400000-0x00000000017D7000-memory.dmp

    Filesize

    19.8MB

    Download

  • memory/3048-58-0x0000000000400000-0x00000000017D7000-memory.dmp

    Filesize

    19.8MB

    Download

  • memory/3048-61-0x0000000074290000-0x00000000748D2000-memory.dmp

    Filesize

    6.3MB

    Download

  • memory/3048-60-0x0000000000400000-0x00000000017D7000-memory.dmp

    Filesize

    19.8MB

    Download

  • memory/3048-62-0x0000000000400000-0x00000000017D7000-memory.dmp

    Filesize

    19.8MB

    Download

  • memory/3048-63-0x0000000000400000-0x00000000017D7000-memory.dmp

    Filesize

    19.8MB

    Download

  • memory/3048-65-0x0000000000400000-0x00000000017D7000-memory.dmp

    Filesize

    19.8MB

    Download

  • memory/3048-67-0x0000000000400000-0x00000000017D7000-memory.dmp

    Filesize

    19.8MB

    Download

  • memory/3048-68-0x0000000074290000-0x00000000748D2000-memory.dmp

    Filesize

    6.3MB

    Download

  • memory/3048-69-0x0000000000400000-0x00000000017D7000-memory.dmp

    Filesize

    19.8MB

    Download

  • memory/3048-54-0x0000000000400000-0x00000000017D7000-memory.dmp

    Filesize

    19.8MB

    Download

  • memory/3048-73-0x0000000000400000-0x00000000017D7000-memory.dmp

    Filesize

    19.8MB

    Download

  • memory/3048-74-0x0000000074290000-0x00000000748D2000-memory.dmp

    Filesize

    6.3MB

    Download