Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

691d859047...f5.exe

windows7-x64

7

691d859047...f5.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    122s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    22/12/2023, 04:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    691d859047c536833ea537bce032fcf5.exe

  • Size

    1.9MB

  • MD5

    691d859047c536833ea537bce032fcf5

  • SHA1

    6917d721d6999fcb5362430d90319c899f776e69

  • SHA256

    fa0bdffbd4ba7150dcb15ac494e7f25a9aab600c319321d829664a7be8030259

  • SHA512

    1b29b3397d6592e64f2b516a4628fcffbbc8403dc73c4836573ea75833c67ac97436695b9f7d9aa45a7fe9ba53f3dd068a6568405b68fffb54e2c711136b44fe

  • SSDEEP

    24576:N2oo60HPdt+1CRiY2eOBvcj3u10dISzC420WX9PxdubH63HX4asBhxi44RB8Q4b7:Qoa1taC070d9zyXdqyotrP+C8ow4EAN

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5725.tmp
    "C:\Users\Admin\AppData\Local\Temp\5725.tmp" --splashC:\Users\Admin\AppData\Local\Temp\691d859047c536833ea537bce032fcf5.exe 181F4E8FB6126EF1895AAE2ECA6E9FB5D7BB9E36778268B17A8B8CCC0FBAD65C8F8E47F000C7BFB7451C7B164FA178B1887F9E26DF31898A00325ADC4D617AD3
    1⤵
    • Deletes itself
    • Executes dropped EXE
    PID:1968
  • C:\Users\Admin\AppData\Local\Temp\691d859047c536833ea537bce032fcf5.exe
    "C:\Users\Admin\AppData\Local\Temp\691d859047c536833ea537bce032fcf5.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2568

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\5725.tmp
    Filesize

    1.9MB

    MD5

    75d146b733854709b7d83f513cb229a8

    SHA1

    3872b4bad6b7c8b8f57f341675e1784c42fb2b3e

    SHA256

    8977d6b9678f05997320d6afd2aaba5b8952d77b87fc21ec1db8ac8477452aee

    SHA512

    7ff55aaa486275f8274419b4016d1dc7620b8781c41e7c059a34d98b985ade916e352b14629667c002091b00747ad5a39bbbd4e02f98175c9bd71cf406ea3372

    Download Submit

  • memory/1968-6-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download

  • memory/2568-0-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download