Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

tunnel_ssh2.exe

windows7-x64

7

tunnel_ssh2.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    141s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231020-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06/11/2023, 03:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    tunnel_ssh2.exe

  • Size

    7.7MB

  • MD5

    0b2773a29c0cc6b80f63f1a6a7b67d00

  • SHA1

    169bdfee62ba134fc7c1c65afaba4c90ba003eec

  • SHA256

    7ed894e650fb53f7cba80ed1847fda639a102d7630fd73edee6a4812b5f79b3f

  • SHA512

    375d13e68ab765272456cfb0a948f98577494c2c70ecec7d0aae870beb22389c87afd50ec7fe48708d5bbe380ee1f0158ee09df3649ea4c8452803dc364fa335

  • SSDEEP

    196608:yewv8SUdQmRrdA6ly8Qnf2ODjMnGydSdmyFfmGrwOBWZA:0lUdQOl6F3MnG3dmUOGrwCs

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 3 IoCs
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\tunnel_ssh2.exe
    "C:\Users\Admin\AppData\Local\Temp\tunnel_ssh2.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2608
    • C:\Users\Admin\AppData\Local\Temp\tunnel_ssh2.exe
      "C:\Users\Admin\AppData\Local\Temp\tunnel_ssh2.exe"
      2⤵
      • Loads dropped DLL
      PID:976

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI26082\VCRUNTIME140.dll
    Filesize

    96KB

    MD5

    f12681a472b9dd04a812e16096514974

    SHA1

    6fd102eb3e0b0e6eef08118d71f28702d1a9067c

    SHA256

    d66c3b47091ceb3f8d3cc165a43d285ae919211a0c0fcb74491ee574d8d464f8

    SHA512

    7d3accbf84de73fb0c5c0de812a9ed600d39cd7ed0f99527ca86a57ce63f48765a370e913e3a46ffc2ccd48ee07d823dafdd157710eef9e7cc1eb7505dc323a2

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI26082\VCRUNTIME140.dll
    Filesize

    96KB

    MD5

    f12681a472b9dd04a812e16096514974

    SHA1

    6fd102eb3e0b0e6eef08118d71f28702d1a9067c

    SHA256

    d66c3b47091ceb3f8d3cc165a43d285ae919211a0c0fcb74491ee574d8d464f8

    SHA512

    7d3accbf84de73fb0c5c0de812a9ed600d39cd7ed0f99527ca86a57ce63f48765a370e913e3a46ffc2ccd48ee07d823dafdd157710eef9e7cc1eb7505dc323a2

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI26082\base_library.zip
    Filesize

    1.7MB

    MD5

    3ea69d78a7aa9244c2eae0eec291d457

    SHA1

    11d09841b5db27ddce72a3a8a5c075d115c717e1

    SHA256

    0a82a8a51040809dee10af0084d9f0d500195204aeeca1843e6e6249c77c1db3

    SHA512

    926ef6a32acae0722ac2b9cc0f3c0c1996a64f1ea3797d5d60f76992f128a584623943f3daa445d8ed948987772e1af39de5d278903d637660298a27bef3b69c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI26082\python311.dll
    Filesize

    5.5MB

    MD5

    9a24c8c35e4ac4b1597124c1dcbebe0f

    SHA1

    f59782a4923a30118b97e01a7f8db69b92d8382a

    SHA256

    a0cf640e756875c25c12b4a38ba5f2772e8e512036e2ac59eb8567bf05ffbfb7

    SHA512

    9d9336bf1f0d3bc9ce4a636a5f4e52c5f9487f51f00614fc4a34854a315ce7ea8be328153812dbd67c45c75001818fa63317eba15a6c9a024fa9f2cab163165b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI26082\python311.dll
    Filesize

    5.5MB

    MD5

    9a24c8c35e4ac4b1597124c1dcbebe0f

    SHA1

    f59782a4923a30118b97e01a7f8db69b92d8382a

    SHA256

    a0cf640e756875c25c12b4a38ba5f2772e8e512036e2ac59eb8567bf05ffbfb7

    SHA512

    9d9336bf1f0d3bc9ce4a636a5f4e52c5f9487f51f00614fc4a34854a315ce7ea8be328153812dbd67c45c75001818fa63317eba15a6c9a024fa9f2cab163165b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI26082\ucrtbase.dll
    Filesize

    983KB

    MD5

    bfc39414668264275f77188d54a36a48

    SHA1

    de45fdf2d9543a3d6eda428e1aca07f406ad2649

    SHA256

    a1d0642713935c73173d7a80680cd480de93348680104635793431dcfe94ce68

    SHA512

    657907caaf1539455efd0cb29f698605cf9a2cfc872087f782f485db25b187f986e9a0d1e3921eab7dafa4099f72d57c99259da2a7ab7240ffaada5c00f510eb

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI26082\ucrtbase.dll
    Filesize

    983KB

    MD5

    bfc39414668264275f77188d54a36a48

    SHA1

    de45fdf2d9543a3d6eda428e1aca07f406ad2649

    SHA256

    a1d0642713935c73173d7a80680cd480de93348680104635793431dcfe94ce68

    SHA512

    657907caaf1539455efd0cb29f698605cf9a2cfc872087f782f485db25b187f986e9a0d1e3921eab7dafa4099f72d57c99259da2a7ab7240ffaada5c00f510eb

    Download Submit