Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

a64e23367e...00.exe

windows7-x64

7

a64e23367e...00.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    13/10/2023, 10:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a64e23367ec361098724a0e36c22dc76b10bd18f0f42d32399949a0d2651c700.exe

  • Size

    6.1MB

  • MD5

    c5f829f4445fcd82cf9fc0d4a290b908

  • SHA1

    4461bfcc310475e7dbc2867a1503732336e039b3

  • SHA256

    a64e23367ec361098724a0e36c22dc76b10bd18f0f42d32399949a0d2651c700

  • SHA512

    7f72ee23c8f4ae8fbd95b1d4a7a6ac4726e114f124191a5682f3241167111415165b0c2c72bd08ad3d61c6a6e20dcefa93fc6adca023f5e62ae4529a530d51fc

  • SSDEEP

    196608:t5OyZdVYQ37Sdd9iD+nt3Pq+kcF0SfS8JVvBSN:T9ZdVYwK9QORy+7Nq84N

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a64e23367ec361098724a0e36c22dc76b10bd18f0f42d32399949a0d2651c700.exe
    "C:\Users\Admin\AppData\Local\Temp\a64e23367ec361098724a0e36c22dc76b10bd18f0f42d32399949a0d2651c700.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:2220

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\DmReg.dll
    Filesize

    52KB

    MD5

    8d41ed6dcdc79b31a0bbcf6eb1e296c0

    SHA1

    e2534f01e7d99a1e61ee00576cf380c58c724822

    SHA256

    a278b8722fb686f43b1ae204534abcafab1d7228226af6ef5697d0d6fc7aa303

    SHA512

    b479a2a4ca5f81821b75835a09a234b0c905515a072dbd035aacda3b60efa7471b2b4aa2f3ce9d1c64e92c84c9a3fb0dcc862821d1232392a26fcf406619de09

    Download Submit

  • memory/2220-2-0x0000000000400000-0x0000000000A7C000-memory.dmp

    Filesize

    6.5MB

    Download

  • memory/2220-7-0x000000007756F000-0x0000000077570000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2220-6-0x000000006FFF0000-0x0000000070000000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2220-10-0x0000000000400000-0x0000000000A7C000-memory.dmp

    Filesize

    6.5MB

    Download