Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

fbbef0b379...84.exe

windows7-x64

7

fbbef0b379...84.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    122s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    20/12/2023, 11:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fbbef0b379a3690dc1d073327eaa62e0561fc5f8860cb4c4e33a3eb9d68ec984.exe

  • Size

    8.7MB

  • MD5

    4fe7e0d63460bfacd57ff736d77fef91

  • SHA1

    32696d69847dcce049e0e29f7823a5c29881bf47

  • SHA256

    fbbef0b379a3690dc1d073327eaa62e0561fc5f8860cb4c4e33a3eb9d68ec984

  • SHA512

    c6c376ae42083cb4e821d8a94f7f51f3a41884c00556c566873bc64b039cb3dce96fdd52d11c930af4a6b1027cb9dbc4ea1714eb6f046dbb2ba5c0553ca56b77

  • SSDEEP

    196608:K9LaAXJHpDVL2Vmd6+DKMTNfwZHYYhyt33CLnyTfj10:QxJJDVL2Vmd6mKMBkKnCLW

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\fbbef0b379a3690dc1d073327eaa62e0561fc5f8860cb4c4e33a3eb9d68ec984.exe
    "C:\Users\Admin\AppData\Local\Temp\fbbef0b379a3690dc1d073327eaa62e0561fc5f8860cb4c4e33a3eb9d68ec984.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2312
    • C:\Users\Admin\AppData\Local\Temp\fbbef0b379a3690dc1d073327eaa62e0561fc5f8860cb4c4e33a3eb9d68ec984.exe
      "C:\Users\Admin\AppData\Local\Temp\fbbef0b379a3690dc1d073327eaa62e0561fc5f8860cb4c4e33a3eb9d68ec984.exe"
      2⤵
      • Loads dropped DLL
      PID:3028

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI23122\python310.dll
    Filesize

    4.2MB

    MD5

    e9c0fbc99d19eeedad137557f4a0ab21

    SHA1

    8945e1811ceb4b26f21edcc7a36dcf2b1d34f0bf

    SHA256

    5783c5c5a3ffce181691f19d27de376a03010d32e41360b72bcdbd28467cfcc5

    SHA512

    74e1289683642ae2bc3cf780a07af1f27fed2011ef6cc67380f9c066c59d17a2fb2394a45a5c6cd75dad812a61093fdbd0f2108925f5c58fc6644c1c98be5c0b

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI23122\python310.dll
    Filesize

    1.5MB

    MD5

    55ac7b1112b6218694f9758670cfb98e

    SHA1

    34cd1b02b5baa45873b36177ec71d5998a5d89a5

    SHA256

    80b66cc6e0a6c1d68c66ad55a01c710fbf7bb2f3ccd1ff1d6c21743ecf63f60a

    SHA512

    7cd3323abb20382a9f0210c0c95274a278172d3a8ed2812d3773a2de9e9481609ba2f23bb7ddec780ab6ddb9d17938cc96fceb94396615b7b8341300fe7cd4c9

    Download Submit