Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

fcc4d77dd8...1a.exe

windows7-x64

7

fcc4d77dd8...1a.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    22/12/2023, 17:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fcc4d77dd895ae252ddd6ba1fc4fcb1a.exe

  • Size

    1.9MB

  • MD5

    fcc4d77dd895ae252ddd6ba1fc4fcb1a

  • SHA1

    45816767911cf92d551b64836e6141a3a0b7be76

  • SHA256

    81e22c130ade7c83d432a9e5f18cca1eeacbdb9e094a1ca3d772c4db36be6ec4

  • SHA512

    cefba65e91a2ecca6dda9b965e4f0840d1cf15d02d9d7268f1d26aee7f030ef1015b5a2d6ed3d55057f123f2f4fc269443dca4eabb5326d020cb560cb15e854a

  • SSDEEP

    49152:Qoa1taC070dxVw+8lWdQ9WGfKzxrVxlMG:Qoa1taC0298oaW0Oz

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\fcc4d77dd895ae252ddd6ba1fc4fcb1a.exe
    "C:\Users\Admin\AppData\Local\Temp\fcc4d77dd895ae252ddd6ba1fc4fcb1a.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2736
    • C:\Users\Admin\AppData\Local\Temp\A2E.tmp
      "C:\Users\Admin\AppData\Local\Temp\A2E.tmp" --splashC:\Users\Admin\AppData\Local\Temp\fcc4d77dd895ae252ddd6ba1fc4fcb1a.exe 1AF0CA909D9D0EC82711D8EC36528B43CC184B12F4BC2B078005C575303E02BBAE9A6FA113C46F5A5F0D4E33724024EF45DF7B7AF9E19E44F9D3D6101F05AB0E
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2036

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\A2E.tmp
    Filesize

    499KB

    MD5

    b31d3abd61b1624c3459ab5d2d18f92f

    SHA1

    d43dc510bf963ebeea1771767077e5df7729f6fd

    SHA256

    a72307aa2882fdadb31a2819e90a3e472d54a9cc21222395f06b11ec54192a12

    SHA512

    069fee94a19538bb096918c0cac68d111e1fb9dbe7229017e3267a627f44aca5d8b97badd9740a3dff9325711284d43f4c02aff3fb84cfdb1ed7d78fcceb7a84

    Download Submit

  • \Users\Admin\AppData\Local\Temp\A2E.tmp
    Filesize

    481KB

    MD5

    34f085ae0e7835de26ac635b31230dc6

    SHA1

    666362f5ff5a06478b092d8114ca1cdc27942f30

    SHA256

    1d173411a7da0fbe834cb4b3a1d840005798ca3349bc87e2bc7612f6869e445e

    SHA512

    02b8e738cc387be960b949c93c5941b1968f5cf827ea606904e5750c8eb17ab9c169f0172d8d4e7d4e065670f94e9e3fd5d441ee321438ebd84b4711b098d3eb

    Download Submit

  • memory/2036-6-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download

  • memory/2736-0-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download