Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

bd80409948...32.exe

windows7-x64

7

bd80409948...32.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    15/10/2023, 19:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bd80409948a799f65127354ad9bf6cf0_exe32.exe

  • Size

    79KB

  • MD5

    bd80409948a799f65127354ad9bf6cf0

  • SHA1

    6f1c4a7931fa5129b41125e8717a6f0355effe0b

  • SHA256

    c45c00cb0be27b36353d6904ece97bf2b502cee01fb5b48814f663a17b03d636

  • SHA512

    b5944a38077566d235233b072cdaa696326c6f071d47d203aa67031d8948115868c031176a56bcdd4c4f9706313910911c49ccad3c3677065cd02911f2fd4b87

  • SSDEEP

    1536:5lrsicagdzn8K2ariPOcjk+XQuPVN72NMS7IITQuxicJPufQ:5JjcF8KfCOcjk+guPVjSl0uxicQfQ

Score
7/10
persistenceupx

Malware Config

Signatures

  • UPX packed file 3 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Drops file in System32 directory 33 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\bd80409948a799f65127354ad9bf6cf0_exe32.exe
    "C:\Users\Admin\AppData\Local\Temp\bd80409948a799f65127354ad9bf6cf0_exe32.exe"
    1⤵
    • Adds Run key to start application
    • Drops file in System32 directory
    PID:2972

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Windows\SysWOW64\macromd\girls gone wild.mpg.exe
    Filesize

    78KB

    MD5

    db042faba2705771737e08629bacc640

    SHA1

    cf4781a6f16d8acf4a4695761ab74cd3c24ae8ab

    SHA256

    76dc74e8d6c475a2180401a26875c37c8a27181fc8da283c3c1989f93098bde3

    SHA512

    1d342f3ca24b7ed883fd0d6824c5051d0d5b8e973075874a3cc0e8f803a8d6447e9adae7c682871c2fa5e535c0a03425245fe567781386b59f25141537f9f247

    Download Submit

  • memory/2972-0-0x0000000000400000-0x0000000000467000-memory.dmp

    Filesize

    412KB

    Download

  • memory/2972-34-0x0000000000400000-0x0000000000467000-memory.dmp

    Filesize

    412KB

    Download