Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

f113f29e4c...0a.exe

windows7-x64

7

f113f29e4c...0a.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    23/12/2023, 06:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f113f29e4c87962d9ac5f4df6e4203ec24ab28bab1af564a22e80f7461a4f70a.exe

  • Size

    9.9MB

  • MD5

    967a211c475579fa4ccbd8c8ce9b03f9

  • SHA1

    8be6abd050aed176d4f9772501acdde3f22ac95f

  • SHA256

    f113f29e4c87962d9ac5f4df6e4203ec24ab28bab1af564a22e80f7461a4f70a

  • SHA512

    e793194fd87598f6a594e746f279a9b61d82942ba788f9eb37b83c7fe745ae05ec51c6e8f4e579b0700d674bf1556b9893446dca88cc323411114bca5559f7f6

  • SSDEEP

    196608:EYl21W903eV4Q2tpDjIIAcwD/au5p0W8/LQhoANNERPEvvk9LIL:JcW+eGQi9jo/au5qW80hoA/EZk

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f113f29e4c87962d9ac5f4df6e4203ec24ab28bab1af564a22e80f7461a4f70a.exe
    "C:\Users\Admin\AppData\Local\Temp\f113f29e4c87962d9ac5f4df6e4203ec24ab28bab1af564a22e80f7461a4f70a.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2216
    • C:\Users\Admin\AppData\Local\Temp\f113f29e4c87962d9ac5f4df6e4203ec24ab28bab1af564a22e80f7461a4f70a.exe
      "C:\Users\Admin\AppData\Local\Temp\f113f29e4c87962d9ac5f4df6e4203ec24ab28bab1af564a22e80f7461a4f70a.exe"
      2⤵
      • Loads dropped DLL
      PID:704

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI22162\python312.dll
    Filesize

    361KB

    MD5

    6f634ecdf9df41edc4e9634accba1521

    SHA1

    1e67e01a2a9ee1497176d0b42d4f6c20637c5b57

    SHA256

    883e551b88fa63875b330548e0bfe4eac1de6ec997638d0857aac6025f788429

    SHA512

    2d808426b2ac55bb2b0c9933c9b4008477d7d84e1c987e5ae6bb25dfb1a4f5f1e8f4377a24425e731970d197646db262521dc12006d681e3abd443aed7126963

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI22162\python312.dll
    Filesize

    344KB

    MD5

    0308e232855a32b81c39ab754edbcb6b

    SHA1

    73627f4d41a7faf40c3caf03b2dd3d02f4d845e8

    SHA256

    26c49b805b1c531f884e611e94568aabdd8b928ced0bc75ac8d9fbd5f7345096

    SHA512

    c9b8aa80a1c59564dd51ff71451954c7647890a6b6a5e94b149b2475d4a2cd44fa3b2a5a26cdcc4786abe382c16c4b98c58a7afa5c9e963edbdbab3583c1bf73

    Download Submit