Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

7ba729f6f9...90.exe

windows7-x64

7ba729f6f9...90.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    148s
  • max time network
    147s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    22/12/2023, 08:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7ba729f6f9dcbaf436232cd4d6d84490.exe

  • Size

    3.8MB

  • MD5

    7ba729f6f9dcbaf436232cd4d6d84490

  • SHA1

    5246f70f12a925ded1c989667f5d6787c507e9e3

  • SHA256

    38204cae2ed4108029292fc9e0025744c9696c374bfb01fdf3dbb5bdeb9ba4cb

  • SHA512

    12d52a8555125bee738dc7f10cdc2414bdec5e5723cb7163311647eb6535f7a3a2330ca272b291007c6fc1cff80d374233034ae92ea572628f438003107f43ef

  • SSDEEP

    49152:EQFRHrmQG+ZQG+6Re+j+QG+ZQFrmQG+ZQx+ZQ5j+QG+ZQFr8QG+ZQxLQG+ZQG+6s:EcKGT+G3G/I+GHGIGT+G3G/I+GHc

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SendNotifyMessage 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7ba729f6f9dcbaf436232cd4d6d84490.exe
    "C:\Users\Admin\AppData\Local\Temp\7ba729f6f9dcbaf436232cd4d6d84490.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2884
    • C:\Users\Admin\AppData\Local\Temp\usr.exe
      C:\Users\Admin\AppData\Local\Temp\usr.exe -run C:\Users\Admin\AppData\Local\Temp\7ba729f6f9dcbaf436232cd4d6d84490.exe
      2⤵
      • Executes dropped EXE
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      • Suspicious use of SetWindowsHookEx
      PID:916

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\usr.exe
    Filesize

    196KB

    MD5

    6d0d98c4f732768181980d215745812c

    SHA1

    c3809c67a19b5840a626776fc939473e6304bdf3

    SHA256

    cb88e054b40c62f711a4705503df565a38e165ef33ea00afbda1aae681fdcb28

    SHA512

    7eb208eaf3f768c545429d64e6d3bbcf1097c04a92e77730a93f8f96f0ca6278a3a3a11c76e60f032e70ac07c8a6e13fcfbb220ebd80d05dc53930a3c12c9335

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\usr.exe
    Filesize

    214KB

    MD5

    33452576940289dfb782ffbf7b11ace2

    SHA1

    0e29116495f524bc87cc64ae4e7be9ce4e446ded

    SHA256

    2d0f2bdf20dafc0b08f609482daa00001f11bb3383f6ebd8806649e6ebf0739d

    SHA512

    2d35110a82e892d3e3b25a3ca8b17cee8245bd95d85322b93554d5c85a18f9ab3a27d116d3f943cd743bb546223da396e6ed9de9c3ce163576dabf2accd5b537

    Download Submit

  • memory/916-55-0x0000000003510000-0x0000000003511000-memory.dmp

    Filesize

    4KB

    Download

  • memory/916-65-0x0000000003970000-0x0000000003971000-memory.dmp

    Filesize

    4KB

    Download

  • memory/916-60-0x0000000003970000-0x0000000003CF4000-memory.dmp

    Filesize

    3.5MB

    Download

  • memory/916-251-0x0000000000400000-0x0000000000536000-memory.dmp

    Filesize

    1.2MB

    Download

  • memory/916-62-0x0000000003970000-0x0000000003CF4000-memory.dmp

    Filesize

    3.5MB

    Download

  • memory/916-63-0x0000000003970000-0x0000000003971000-memory.dmp

    Filesize

    4KB

    Download

  • memory/916-54-0x0000000003510000-0x0000000003511000-memory.dmp

    Filesize

    4KB

    Download

  • memory/916-66-0x0000000003970000-0x0000000003971000-memory.dmp

    Filesize

    4KB

    Download

  • memory/916-57-0x0000000003510000-0x0000000003511000-memory.dmp

    Filesize

    4KB

    Download

  • memory/916-56-0x0000000003510000-0x0000000003511000-memory.dmp

    Filesize

    4KB

    Download

  • memory/916-59-0x0000000003970000-0x0000000003971000-memory.dmp

    Filesize

    4KB

    Download

  • memory/916-58-0x0000000003510000-0x0000000003511000-memory.dmp

    Filesize

    4KB

    Download

  • memory/916-49-0x0000000003510000-0x0000000003511000-memory.dmp

    Filesize

    4KB

    Download

  • memory/916-52-0x0000000003510000-0x0000000003511000-memory.dmp

    Filesize

    4KB

    Download

  • memory/916-51-0x0000000003510000-0x0000000003511000-memory.dmp

    Filesize

    4KB

    Download

  • memory/916-50-0x0000000003510000-0x0000000003511000-memory.dmp

    Filesize

    4KB

    Download

  • memory/916-53-0x0000000003510000-0x0000000003511000-memory.dmp

    Filesize

    4KB

    Download

  • memory/916-48-0x0000000003510000-0x0000000003511000-memory.dmp

    Filesize

    4KB

    Download

  • memory/916-67-0x0000000003970000-0x0000000003971000-memory.dmp

    Filesize

    4KB

    Download

  • memory/916-68-0x0000000003970000-0x0000000003971000-memory.dmp

    Filesize

    4KB

    Download

  • memory/916-69-0x0000000003970000-0x0000000003971000-memory.dmp

    Filesize

    4KB

    Download

  • memory/916-64-0x0000000003970000-0x0000000003971000-memory.dmp

    Filesize

    4KB

    Download

  • memory/916-47-0x0000000002AD0000-0x0000000002AD1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/916-46-0x0000000002090000-0x00000000020E0000-memory.dmp

    Filesize

    320KB

    Download

  • memory/2884-28-0x0000000002D90000-0x0000000002D96000-memory.dmp

    Filesize

    24KB

    Download

  • memory/2884-23-0x00000000025C0000-0x00000000025C1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2884-42-0x0000000002E60000-0x0000000002E61000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2884-37-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/2884-35-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/2884-32-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/2884-31-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/2884-30-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/2884-43-0x0000000002E60000-0x0000000002E61000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2884-27-0x0000000002600000-0x0000000002601000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2884-26-0x00000000025E0000-0x00000000025E1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2884-45-0x0000000002E60000-0x0000000002E61000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2884-44-0x0000000002310000-0x0000000002360000-memory.dmp

    Filesize

    320KB

    Download

  • memory/2884-41-0x0000000000400000-0x0000000000536000-memory.dmp

    Filesize

    1.2MB

    Download

  • memory/2884-33-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/2884-34-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/2884-29-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/2884-2-0x00000000023A0000-0x00000000023A1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2884-1-0x0000000002310000-0x0000000002360000-memory.dmp

    Filesize

    320KB

    Download

  • memory/2884-25-0x00000000025B0000-0x00000000025B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2884-24-0x00000000025F0000-0x00000000025F1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2884-40-0x0000000002E60000-0x0000000002E61000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2884-22-0x00000000025D0000-0x00000000025D1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2884-21-0x0000000002610000-0x0000000002611000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2884-20-0x0000000002580000-0x0000000002581000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2884-19-0x0000000002570000-0x0000000002571000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2884-18-0x0000000002530000-0x0000000002531000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2884-17-0x00000000023F0000-0x00000000023F1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2884-15-0x0000000002540000-0x0000000002541000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2884-14-0x0000000002510000-0x0000000002511000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2884-13-0x0000000002520000-0x0000000002521000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2884-12-0x0000000002560000-0x0000000002561000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2884-11-0x0000000002DA0000-0x0000000002DA2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/2884-10-0x0000000002390000-0x0000000002391000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2884-9-0x0000000002DB0000-0x0000000002DB1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2884-8-0x00000000023B0000-0x00000000023B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2884-7-0x0000000002370000-0x0000000002371000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2884-6-0x00000000022A0000-0x00000000022A1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2884-5-0x0000000002380000-0x0000000002381000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2884-4-0x0000000002300000-0x0000000002301000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2884-3-0x0000000002360000-0x0000000002361000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2884-0-0x0000000000400000-0x0000000000536000-memory.dmp

    Filesize

    1.2MB

    Download