Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

1616c261b0...85.exe

windows7-x64

7

1616c261b0...85.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    138s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231023-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system
  • submitted
    07/11/2023, 04:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1616c261b01084d4928e94269e6551172835b6e0349d780df6cbc435749a9885.exe

  • Size

    14.4MB

  • MD5

    c9241818b05ea0d117e8688081f7a47a

  • SHA1

    31b76ad8e1e2126810bd301faf68295780f106d8

  • SHA256

    1616c261b01084d4928e94269e6551172835b6e0349d780df6cbc435749a9885

  • SHA512

    8ba823df8219d2ab85ab8758b147d3fbad89157f662d433ff7a40fc887d2198ebeff96cc591c46a0ac66573771d98fc8390a98fd4447751f3606f5bf8f1b9e28

  • SSDEEP

    393216:fqJEHyfJr5SFRyyF8lc74dTlqtkLkXB8wSs37m:mfuhF6c749leaGBDSs37m

Score
7/10
upxvmprotect

Malware Config

Signatures

  • UPX packed file 17 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • VMProtect packed file 6 IoCs

    Detects executables packed with VMProtect commercial packer.

    vmprotect
  • Suspicious behavior: EnumeratesProcesses 8 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1616c261b01084d4928e94269e6551172835b6e0349d780df6cbc435749a9885.exe
    "C:\Users\Admin\AppData\Local\Temp\1616c261b01084d4928e94269e6551172835b6e0349d780df6cbc435749a9885.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:4136

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4136-1-0x0000000001880000-0x0000000001881000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4136-0-0x0000000001840000-0x0000000001841000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4136-2-0x0000000001890000-0x0000000001891000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4136-4-0x0000000000400000-0x0000000001289000-memory.dmp

    Filesize

    14.5MB

    Download

  • memory/4136-5-0x00000000018B0000-0x00000000018B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4136-3-0x00000000018A0000-0x00000000018A1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4136-7-0x00000000018D0000-0x00000000018D1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4136-6-0x00000000018C0000-0x00000000018C1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4136-8-0x00000000018E0000-0x00000000018E1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4136-9-0x00000000018F0000-0x00000000018F1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4136-10-0x0000000001900000-0x0000000001901000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4136-11-0x0000000001910000-0x0000000001911000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4136-12-0x0000000001920000-0x0000000001921000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4136-13-0x0000000001930000-0x0000000001931000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4136-15-0x0000000001950000-0x0000000001951000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4136-14-0x0000000001940000-0x0000000001941000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4136-16-0x0000000003250000-0x000000000402D000-memory.dmp

    Filesize

    13.9MB

    Download

  • memory/4136-23-0x0000000003250000-0x000000000402D000-memory.dmp

    Filesize

    13.9MB

    Download

  • memory/4136-24-0x0000000004030000-0x00000000047E3000-memory.dmp

    Filesize

    7.7MB

    Download

  • memory/4136-26-0x0000000003250000-0x000000000402D000-memory.dmp

    Filesize

    13.9MB

    Download

  • memory/4136-27-0x0000000001970000-0x0000000001971000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4136-28-0x0000000001980000-0x0000000001981000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4136-29-0x0000000001990000-0x0000000001991000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4136-30-0x0000000004050000-0x0000000004051000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4136-31-0x0000000004060000-0x0000000004061000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4136-32-0x0000000004070000-0x0000000004071000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4136-34-0x0000000004080000-0x0000000004081000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4136-35-0x0000000003250000-0x000000000402D000-memory.dmp

    Filesize

    13.9MB

    Download

  • memory/4136-39-0x00000000041B0000-0x00000000041EE000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4136-40-0x00000000041B0000-0x00000000041EE000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4136-41-0x00000000041B0000-0x00000000041EE000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4136-44-0x00000000041B0000-0x00000000041EE000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4136-47-0x00000000041B0000-0x00000000041EE000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4136-49-0x00000000041B0000-0x00000000041EE000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4136-51-0x00000000041B0000-0x00000000041EE000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4136-54-0x0000000000400000-0x0000000001289000-memory.dmp

    Filesize

    14.5MB

    Download

  • memory/4136-53-0x00000000041B0000-0x00000000041EE000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4136-56-0x00000000041B0000-0x00000000041EE000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4136-58-0x00000000041B0000-0x00000000041EE000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4136-60-0x00000000041B0000-0x00000000041EE000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4136-63-0x00000000041B0000-0x00000000041EE000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4136-62-0x0000000003250000-0x000000000402D000-memory.dmp

    Filesize

    13.9MB

    Download

  • memory/4136-65-0x00000000041B0000-0x00000000041EE000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4136-67-0x00000000041B0000-0x00000000041EE000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4136-69-0x00000000041B0000-0x00000000041EE000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4136-71-0x00000000041B0000-0x00000000041EE000-memory.dmp

    Filesize

    248KB

    Download

  • memory/4136-86-0x00000000041B0000-0x00000000041EE000-memory.dmp

    Filesize

    248KB

    Download