Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

f9c8eadc0d...00.exe

windows7-x64

7

f9c8eadc0d...00.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    82s
  • max time network
    80s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231020-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
  • submitted
    13/11/2023, 22:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f9c8eadc0d919cd7dac397b7c9d3c25b2f78bc0702ce6397f1a18d4b6a546000.exe

  • Size

    145KB

  • MD5

    9301b2801f31b9118f1b51029e4e3af1

  • SHA1

    25751cb0b7f4eb5a4ebe3d47fbdeaf283eac9a1c

  • SHA256

    f9c8eadc0d919cd7dac397b7c9d3c25b2f78bc0702ce6397f1a18d4b6a546000

  • SHA512

    aca793a343a5578847c47af11366074cc427fef54c63c5c416c960b30ce0f0c3e696e913d1fb2e473500af3ecc9531a17e6a14e072387bfe06ddcfcd475652ef

  • SSDEEP

    3072:4L1MX4+ZLpLcydC6M0YNyQJfm7LWU0CxcePOMixvpss8z/qoutXL:4L1MxLc36WzJO7qdIchXuscqoSb

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 3 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx

Processes

  • C:\Users\Admin\AppData\Local\Temp\f9c8eadc0d919cd7dac397b7c9d3c25b2f78bc0702ce6397f1a18d4b6a546000.exe
    "C:\Users\Admin\AppData\Local\Temp\f9c8eadc0d919cd7dac397b7c9d3c25b2f78bc0702ce6397f1a18d4b6a546000.exe"
    1⤵
      PID:2188
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
      1⤵
        PID:232
      • C:\Windows\System32\svchost.exe
        C:\Windows\System32\svchost.exe -k UnistackSvcGroup
        1⤵
          PID:1540

        Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Comms\UnistoreDB\store.jfm
          Filesize

          16KB

          MD5

          b34cd7cbfb612e8f8bb2430af4b79a45

          SHA1

          21b04e46d206b0f0b0ca6bd4f1bb0fa47d752a23

          SHA256

          f46858115fa0ccfab3f089d3c5cf7c31a430c83369a93d1fcb0421e1cb027b36

          SHA512

          6f97801ad3bb5c8054ff41c20775562b84d20f7084086f956c5bc80f8fe908ac522216e459eec8ce48d924c452aecbd1f077afdb33a60633bf5ecdb0bba7b9a6

          Download Submit

        • memory/1540-56-0x000001F425150000-0x000001F425160000-memory.dmp

          Filesize

          64KB

          Download

        • memory/1540-40-0x000001F425050000-0x000001F425060000-memory.dmp

          Filesize

          64KB

          Download

        • memory/2188-39-0x0000000010000000-0x000000001006D000-memory.dmp

          Filesize

          436KB

          Download

        • memory/2188-18-0x00000000004F0000-0x0000000000530000-memory.dmp

          Filesize

          256KB

          Download

        • memory/2188-6-0x00000000004F0000-0x0000000000530000-memory.dmp

          Filesize

          256KB

          Download

        • memory/2188-9-0x00000000004F0000-0x0000000000530000-memory.dmp

          Filesize

          256KB

          Download

        • memory/2188-12-0x00000000004F0000-0x0000000000530000-memory.dmp

          Filesize

          256KB

          Download

        • memory/2188-16-0x00000000004F0000-0x0000000000530000-memory.dmp

          Filesize

          256KB

          Download

        • memory/2188-17-0x00000000004F0000-0x0000000000530000-memory.dmp

          Filesize

          256KB

          Download

        • memory/2188-21-0x00000000004F0000-0x0000000000530000-memory.dmp

          Filesize

          256KB

          Download

        • memory/2188-20-0x00000000004F0000-0x0000000000530000-memory.dmp

          Filesize

          256KB

          Download

        • memory/2188-1-0x0000000010000000-0x000000001006D000-memory.dmp

          Filesize

          436KB

          Download

        • memory/2188-19-0x00000000004F0000-0x0000000000530000-memory.dmp

          Filesize

          256KB

          Download

        • memory/2188-5-0x00000000004F0000-0x0000000000530000-memory.dmp

          Filesize

          256KB

          Download

        • memory/2188-15-0x00000000004F0000-0x0000000000530000-memory.dmp

          Filesize

          256KB

          Download

        • memory/2188-13-0x00000000004F0000-0x0000000000530000-memory.dmp

          Filesize

          256KB

          Download

        • memory/2188-14-0x00000000004F0000-0x0000000000530000-memory.dmp

          Filesize

          256KB

          Download

        • memory/2188-10-0x00000000004F0000-0x0000000000530000-memory.dmp

          Filesize

          256KB

          Download

        • memory/2188-11-0x00000000004F0000-0x0000000000530000-memory.dmp

          Filesize

          256KB

          Download

        • memory/2188-8-0x00000000004F0000-0x0000000000530000-memory.dmp

          Filesize

          256KB

          Download

        • memory/2188-7-0x00000000004F0000-0x0000000000530000-memory.dmp

          Filesize

          256KB

          Download

        • memory/2188-4-0x00000000004F0000-0x0000000000530000-memory.dmp

          Filesize

          256KB

          Download

        • memory/2188-3-0x00000000004F0000-0x0000000000530000-memory.dmp

          Filesize

          256KB

          Download

        • memory/2188-0-0x0000000010000000-0x000000001006D000-memory.dmp

          Filesize

          436KB

          Download