Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

6c04cf46bb...93.exe

windows7-x64

7

6c04cf46bb...93.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    121s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    22/12/2023, 05:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6c04cf46bb52dfbab35ec9a53df2c393.exe

  • Size

    1.9MB

  • MD5

    6c04cf46bb52dfbab35ec9a53df2c393

  • SHA1

    09b02618d7fefa550dff1f4070ad855d3956f750

  • SHA256

    ab7bcdc25afedfe46bea06a4d886e175eae6f23cd956ee0ec0601cdb056064b3

  • SHA512

    a3b6fd3ea7af51a72d50de86ff228257a6cbaefef32dc49243a26ad97679c61bc59a462984b69f2290dfe829a548ebf0cac9d8a8a9953d6123aa81bb95c15c55

  • SSDEEP

    24576:N2oo60HPdt+1CRiY2eOBvcj3u10dNvgjO84dkDnI21PSJI1L23VFZ1c9JmJlQR91:Qoa1taC070dcn02w529JmJlP8eyZ

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\6c04cf46bb52dfbab35ec9a53df2c393.exe
    "C:\Users\Admin\AppData\Local\Temp\6c04cf46bb52dfbab35ec9a53df2c393.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:812
    • C:\Users\Admin\AppData\Local\Temp\8B9D.tmp
      "C:\Users\Admin\AppData\Local\Temp\8B9D.tmp" --splashC:\Users\Admin\AppData\Local\Temp\6c04cf46bb52dfbab35ec9a53df2c393.exe 300B145CE5392E81C5E63EF2E7666A1A097DCB606F2BE5FF7C7AC65C56A05DACE1C3C9CFEBC401B8F51CD2119CE31EB9A6D925BB51C87B2CACEB0B02AD5AA195
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2380

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\8B9D.tmp
    Filesize

    1.9MB

    MD5

    73bf5e23e86930f4d782a0986a449e83

    SHA1

    d1b79829ce4bd2d8e516028cbc3628b784dc8fe0

    SHA256

    45240688b73fdd17dffc174a431a8660852ffe3bd8798c9a28d963ea0815ec0f

    SHA512

    1f9528a413081a0e03f5422fa16f29b2f2edb8861ccd2c0e59e0cbfd001e3e1b6b5ece431d3a7eb09d21379106c199e3287584cf8418c67ccc46623ea5a6dd07

    Download Submit

  • memory/812-0-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download

  • memory/2380-6-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download