Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

accs.exe

windows7-x64

7

accs.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    86s
  • max time network
    79s
  • platform
    windows7_x64
  • resource
    win7-20231201-en
  • resource tags

    arch:x64arch:x86image:win7-20231201-enlocale:en-usos:windows7-x64system
  • submitted
    02/12/2023, 18:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    accs.exe

  • Size

    16.6MB

  • MD5

    08d90062f81fc0ffba72b3637de3067a

  • SHA1

    47a6311c738b1fd435be369520e0dae04a9c1a6d

  • SHA256

    14df56bdc8062b969eaaa23e83a66b80e8ad9544ef52e3502c2d9bf2c39d9a22

  • SHA512

    a8d71afa105f0eed1d52d18471c8709da34ab1e918e45af61d5c7ba0cc3a7f857855b9ea249fb14d5ed9942fe44b0321ac027fa9fc631d7196a9de8d79df38a3

  • SSDEEP

    393216:Zu7L/TKmr2pu0tTtdQusl7Q+l9RoWOv+9fayXDSY6:ZCL7Kmr2puI5dQu2QGborvSi

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\accs.exe
    "C:\Users\Admin\AppData\Local\Temp\accs.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1924
    • C:\Users\Admin\AppData\Local\Temp\accs.exe
      "C:\Users\Admin\AppData\Local\Temp\accs.exe"
      2⤵
      • Loads dropped DLL
      PID:2784
  • C:\Windows\system32\verclsid.exe
    "C:\Windows\system32\verclsid.exe" /S /C {0B2C9183-C9FA-4C53-AE21-C900B0C39965} /I {0C733A8A-2A1C-11CE-ADE5-00AA0044773D} /X 0x401
    1⤵
      PID:708
    • C:\Users\Admin\AppData\Local\Temp\accs.exe
      "C:\Users\Admin\AppData\Local\Temp\accs.exe"
      1⤵
        PID:2404
        • C:\Users\Admin\AppData\Local\Temp\accs.exe
          "C:\Users\Admin\AppData\Local\Temp\accs.exe"
          2⤵
            PID:2536
        • C:\Users\Admin\AppData\Local\Temp\accs.exe
          "C:\Users\Admin\AppData\Local\Temp\accs.exe"
          1⤵
            PID:2948
            • C:\Users\Admin\AppData\Local\Temp\accs.exe
              "C:\Users\Admin\AppData\Local\Temp\accs.exe"
              2⤵
                PID:284
            • C:\Users\Admin\AppData\Local\Temp\accs.exe
              "C:\Users\Admin\AppData\Local\Temp\accs.exe"
              1⤵
                PID:1708
                • C:\Users\Admin\AppData\Local\Temp\accs.exe
                  "C:\Users\Admin\AppData\Local\Temp\accs.exe"
                  2⤵
                    PID:1948

                Network

                MITRE ATT&CK Matrix

                Replay Monitor

                Loading Replay Monitor...

                Downloads

                • C:\Users\Admin\AppData\Local\Temp\_MEI17082\python310.dll
                  Filesize

                  405KB

                  MD5

                  a7cb9c495de6d0abde5292d607c43235

                  SHA1

                  2a44cc03e2a90eacb3189d58fdcb90a836c7fecf

                  SHA256

                  e50c62d49014f293fbaec8fe53f139f4f5aa5c3ff3f4d5c7ed3381bc414e3dbb

                  SHA512

                  7a47bf7cfb44c6011d41dbf40cce0f7003c6c1d677b75069ea34475bba8dfd3b49d9e006ccaffdecf4f734821023054d348b0a4c7e941a0c5a29c98c7611542a

                  Download Submit

                • C:\Users\Admin\AppData\Local\Temp\_MEI19242\python310.dll
                  Filesize

                  4.3MB

                  MD5

                  deaf0c0cc3369363b800d2e8e756a402

                  SHA1

                  3085778735dd8badad4e39df688139f4eed5f954

                  SHA256

                  156cf2b64dd0f4d9bdb346b654a11300d6e9e15a65ef69089923dafc1c71e33d

                  SHA512

                  5cac1d92af7ee18425b5ee8e7cd4e941a9ddffb4bc1c12bb8aeabeed09acec1ff0309abc41a2e0c8db101fee40724f8bfb27a78898128f8746c8fe01c1631989

                  Download Submit

                • C:\Users\Admin\AppData\Local\Temp\_MEI19242\wheel-0.41.2.dist-info\INSTALLER
                  Filesize

                  4B

                  MD5

                  365c9bfeb7d89244f2ce01c1de44cb85

                  SHA1

                  d7a03141d5d6b1e88b6b59ef08b6681df212c599

                  SHA256

                  ceebae7b8927a3227e5303cf5e0f1f7b34bb542ad7250ac03fbcde36ec2f1508

                  SHA512

                  d220d322a4053d84130567d626a9f7bb2fb8f0b854da1621f001826dc61b0ed6d3f91793627e6f0ac2ac27aea2b986b6a7a63427f05fe004d8a2adfbdadc13c1

                  Download Submit

                • C:\Users\Admin\AppData\Local\Temp\_MEI24042\python310.dll
                  Filesize

                  2.4MB

                  MD5

                  8be9bfa0fd1bbdc14abf22d691a312ea

                  SHA1

                  181b679f79655dec43ebcb1eb0a0fe810cb5703e

                  SHA256

                  67b32edb4fc0fb906f1db735958a738662275fc644128f2a70625ac5ed5d4a14

                  SHA512

                  489ba14916cbcea393cdc4602f17755f3f358d2dd2b6e24e0b834a5d83499eaae5db2fe362143a697830bb1ea7a3a06d03c61ab3553a89e34789802b2d5bc7b4

                  Download Submit

                • C:\Users\Admin\AppData\Local\Temp\_MEI29482\python310.dll
                  Filesize

                  898KB

                  MD5

                  ee2d5310bd0eb1dc0d30b4587d5158c9

                  SHA1

                  4261b0fda6c2c081a4010959dc0e157b0763e535

                  SHA256

                  7c6f7d9274cfda55f42b7be911063a0d27e6bc204a499b355c29e04559c879e6

                  SHA512

                  e98f6732c5ea9c1ef0ae5b9e0de26bb421aba395805e59d102509204c4ba7eb4c44cb1c6739ba886fd0b8d6aea9181518e72d2f3fbb8a39e4ced0ca743a5eefe

                  Download Submit

                • \Users\Admin\AppData\Local\Temp\_MEI17082\python310.dll
                  Filesize

                  411KB

                  MD5

                  5d15e651c43acf14f981f00fda0ae6a3

                  SHA1

                  c63166f418b2e6316c1677836c1bbe1cd286b9a4

                  SHA256

                  7f6c2f3339f6169813458e8bba629baa9790c6c3038e1dc5b7f59af58c03d4f3

                  SHA512

                  549818d3d85b1a34b9eaea272223e7f96e4613e51ea4f82e562863a347c39210e62d1cc782154e2b7b825d067306c068f734701327fc2575b4733765bc0a68e7

                  Download Submit

                • \Users\Admin\AppData\Local\Temp\_MEI19242\python310.dll
                  Filesize

                  4.3MB

                  MD5

                  deaf0c0cc3369363b800d2e8e756a402

                  SHA1

                  3085778735dd8badad4e39df688139f4eed5f954

                  SHA256

                  156cf2b64dd0f4d9bdb346b654a11300d6e9e15a65ef69089923dafc1c71e33d

                  SHA512

                  5cac1d92af7ee18425b5ee8e7cd4e941a9ddffb4bc1c12bb8aeabeed09acec1ff0309abc41a2e0c8db101fee40724f8bfb27a78898128f8746c8fe01c1631989

                  Download Submit

                • \Users\Admin\AppData\Local\Temp\_MEI24042\python310.dll
                  Filesize

                  2.4MB

                  MD5

                  5cc5aa2ef13853c93dd03ada98fd0eb6

                  SHA1

                  20547c44930a51b1f0375e83a9540a089db2a2d3

                  SHA256

                  139da0db8e537dda630dd9410e363236cc0d00b2f3d462bfbc258c4e10cb2c61

                  SHA512

                  14cc5c7f5483b671d97c32b8d026d2da61b81ff2cde7bd0c8cda907d12686e8612f0664e292c41dfcbbe159cf22d84f92eda379dc6aba64ce2d545513ddb4af9

                  Download Submit

                • \Users\Admin\AppData\Local\Temp\_MEI29482\python310.dll
                  Filesize

                  923KB

                  MD5

                  2aab6b9b1dc83fa1e9bfc56aabe6078b

                  SHA1

                  3a1b45cd6ee93ec365fd0148329602b0fe113622

                  SHA256

                  e888a74f54db3da7de80ba0b2478125d4ef751d7260af5675a34815c16f50abc

                  SHA512

                  f9f3552cc374175ec03d2f45ad29e982fe93db18d7b67b59216191d0e8a3c25fe07274d1bc7e308639e82333b6f9da7b87487e3d9e9c2de9ba8bc74021039de4

                  Download Submit