Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

SarangUpdate.exe

windows7-x64

7

SarangUpdate.exe

windows10-2004-x64

7

serviceUpdate.exe

windows7-x64

7

serviceUpdate.exe

windows10-2004-x64

7

Resubmissions

20/11/2023, 02:36 UTC

231120-c3z3hsec4v 7

Analysis

  • max time kernel
    118s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    20/11/2023, 02:36 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    serviceUpdate.exe

  • Size

    475KB

  • MD5

    e79f996b69d7fa546ed9235fdc0ee06d

  • SHA1

    b1616a455947ef3f29a4b5afdeda99369fc20bf8

  • SHA256

    ec7fcd3f4533d3514a9a42cbc41c40358eea47255bab1171146a5ccebaf20990

  • SHA512

    c0fd12425188d81be78be91facace2a036b81e29ffe4fde13b613a40bc20b39c656f1e0d91542b87973ffd2bc44e05b0354ecb1a488d391ee68f48cf43b44cf6

  • SSDEEP

    12288:QNrhTLpMP+R+QDCfA832AtBYmz6af0F7Z1QVjSOsJbc:QthTiP+ffCfB5Lf0F7Z1EDsBc

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\serviceUpdate.exe
    "C:\Users\Admin\AppData\Local\Temp\serviceUpdate.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:852

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_ir_tu2_temp_0\IRIMG2.JPG
    Filesize

    6KB

    MD5

    e39405e85e09f64ccde0f59392317dd3

    SHA1

    9c76db4b3d8c7972e7995ecfb1e3c47ee94fd14b

    SHA256

    cfd9677e1c0e10b1507f520c4ecd40f68db78154c0d4e6563403d540f3bf829f

    SHA512

    6733f330145b48d23c023c664090f4f240e9bbeb8368b486c8ee8682ec6a930b73275e24075648d1aa7e01db1ec7b7e259286917a006ba9af8fb7cba3439070a

    Download Submit

  • memory/852-0-0x0000000000400000-0x000000000053F000-memory.dmp

    Filesize

    1.2MB

    Download

  • memory/852-18-0x00000000003E0000-0x00000000003E2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/852-19-0x0000000010000000-0x0000000010004000-memory.dmp

    Filesize

    16KB

    Download

  • memory/852-23-0x0000000000400000-0x000000000053F000-memory.dmp

    Filesize

    1.2MB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.