Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

14154a5fc3...b3.exe

windows7-x64

7

14154a5fc3...b3.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    0s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    24/12/2023, 21:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    14154a5fc3b7019dd3ef06c003d4d7b3.exe

  • Size

    227KB

  • MD5

    14154a5fc3b7019dd3ef06c003d4d7b3

  • SHA1

    92b3749ba47c497055ca5243814d4a05eb5b9dac

  • SHA256

    232c571f63f3d5f912d4b826b950090d11df00f85d97393d623bc80552645e49

  • SHA512

    a0bc1da22ee0be292ba9a47bd5ae7f0374f00d9ee2884de061c08525bc4003361ee5197ca69c851cdce24457ba4ee94477e1fbe0507cfd4ba2fc263a3d1bee3c

  • SSDEEP

    6144:kp4wdZ3t4A6M2kwp+E4tEZw7BkJgSoS3VFd:kp4wj3t9B7wp+1+w7NSoS3t

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 4 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\14154a5fc3b7019dd3ef06c003d4d7b3.exe
    "C:\Users\Admin\AppData\Local\Temp\14154a5fc3b7019dd3ef06c003d4d7b3.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2376
    • C:\Windows\SysWOW64\cscript.exe
      cscript //NoLogo C:\Users\Admin\AppData\Local\Temp\hd.vbs
      2⤵
        PID:2068
      • C:\Users\Admin\AppData\Local\Temp\14154A~1.EXE
        "C:\Users\Admin\AppData\Local\Temp\14154A~1.EXE" /asService /logPath "C:\Users\Admin\AppData\Local\Temp\ZonaInstall.log"
        2⤵
          PID:2600

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\Users\Admin\AppData\Local\Temp\ZonaInstall.log
        Filesize

        1KB

        MD5

        fd8ee97743a7a6c86e88bd3ffdb2e6e7

        SHA1

        d822aebf4e372a6e7fb6bfa447f76fe099451b97

        SHA256

        acb57394411a3dec8aa5c34e025bfc4e554931062c8b19bbe48dc8d27e22d1b6

        SHA512

        3aa69290a8ba20dbdf4e684b429d5d4fd4eb6abb3216ea48294edde58f68c4334050068a9e2cf36d1c8387521b23b3bd9a9c658dc3b5aeef991e8ceb4a1294ad

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\ZonaInstall.log
        Filesize

        7KB

        MD5

        eceb43e3fb42373bc6af0466f78693b8

        SHA1

        b960694c36253127f09949754ef828e56ed00e95

        SHA256

        059d38ff44a6fdbb30ac7fcb3fe9d1c15c5e3cb24e5c91877ebdb344786bc30c

        SHA512

        7ec09f266cc4da7643f66afb88b95396c31629e6c9c1885b0e2d207dccc8441b918dd97dc126e6825c810b44850c509706665279848ad10b47961ab82cf62df6

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\ZonaInstall.log
        Filesize

        8KB

        MD5

        02981861cffe34c86bf5091514b8a277

        SHA1

        cecd66f1d804811e1c60281faeee78d9cef2a841

        SHA256

        1992f21e89894624cec1a0dd845f1651067fff5c09f52d4b2cdf63216e39f60f

        SHA512

        0258553a5d60df18b8abe9f8cf9b0d4448cd2c178b3110ed9e208cf5c20b0a2a2f5e154d20cab4c3e8e25c52dc91ce3b99ae779d4eebcfd0a8e87342773d0038

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\ZonaInstall.log
        Filesize

        8KB

        MD5

        6a70512f8b58f7d881c64323665eae9a

        SHA1

        f15ef6d7050cf0d55d7ffa08d46ab2db087ec633

        SHA256

        b1089863c669f3562fdfb05bc3af3202c26ac098d0dde367fef9684ba305c11c

        SHA512

        c9426a6ace447a318c01f2bc92691f20c06dea2685508ed84be56a2a5313067e80b08639d57a883b0171994ab7f000b16070e90ac39917c61bd4599278f84606

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\ZonaInstall.log
        Filesize

        5KB

        MD5

        15a0e04bcda58d006d89faa0a764d87b

        SHA1

        5de3a6714cee921e2501f8d52e5dad165bbb4d02

        SHA256

        f6c0f13de90e91b801865ae607e3451a68010b8f6ab1343ba05081d456c1208e

        SHA512

        738a79fae10d3efa8171c53440eae7928ba40d4e4ac1b6afc0271b2cf950f8c92d945098b82b4e81b42723f930a57b509e505575d7650b6de7fa2a57031b3733

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\ZonaInstall.log
        Filesize

        8KB

        MD5

        09353c637fa54053ac138fffd7c2ba40

        SHA1

        0d1ee83b810c97ac064cc48e431910c19400792a

        SHA256

        727851254bf94f9e756b7495ed1865ade4461dae06e61f16a956b8de848fe9ee

        SHA512

        7824af968a9c2f7b58c3f446ca84e3a64f661f3763c147892223cef3b3fc62413951e321a70de9a8ba1d4b5cea13ca57a7017bf63a928d5a898d75414db13cd1

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\ZonaInstall.log
        Filesize

        9KB

        MD5

        077406c96983567563578549ffa171c3

        SHA1

        c02e8bacae83d8cf3494441f8ebb1cfb4a541143

        SHA256

        967f08f0368cf671bf0a370434eb19524e5c11bd0073239d0b068534a4a70861

        SHA512

        e5af6f2b15a1eca8c71969ec49fb39fc0951f8f0db623933625f6f302a27c6e7bb0324ec163e6bc89d411dd323ed9f36bd2fc5cddf0d72d95024038273e2636d

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\ZonaInstall.log
        Filesize

        10KB

        MD5

        196d6bf4fbaf33a02e6bebc297dd979f

        SHA1

        3f060d130e5395a7b902357dd5f24c76bfc200c8

        SHA256

        f2bc9350b526f8c2aff0b423f6f36d7e690873c7b0a396b0bd46a83c722ef50a

        SHA512

        98437a4ad1b913e1cfced33da08551f8cf2b6830774b37356a41fd9b322eda7f4ac933d672df96fd09c5359931a365f893d08efb75ae49477cc16eb5348b2769

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\ZonaInstall.log
        Filesize

        7KB

        MD5

        abeeaa1111618886ce703b2a0b5cfd38

        SHA1

        08b9e1967d841c74ce48d4d756ed923ece07f03c

        SHA256

        3cb1810dab6e1bdca15b6340f1911f45b22182831fcb1180f1d4bb4bb6c0b6c9

        SHA512

        bd17031a8dbb7cf9b97ebae9c6a6ec5b036b3381af08b709e87f0739a6f837d3eec04e754eb468b97b06c8be56b839be5bf11018f73d47e465b5d001919b8d67

        Download Submit

      • C:\Users\Admin\AppData\Roaming\Zona\tmp\133480095457380000jre_packed.exe
        Filesize

        153B

        MD5

        a53e183b2c571a68b246ad570b76da19

        SHA1

        7eac95d26ba1e92a3b4d6fd47ee057f00274ac13

        SHA256

        29574dc19a017adc4a026deb6d9a90708110eafe9a6acdc6496317382f9a4dc7

        SHA512

        1ca8f70acd82a194984a248a15541e0d2c75e052e00fc43c1c6b6682941dad6ce4b6c2cab4833e208e79f3546758c30857d1d4a3b05d8e571f0ce7a3a5b357be

        Download Submit

      • memory/2376-0-0x00000000009D0000-0x0000000000A6E000-memory.dmp

        Filesize

        632KB

        Download

      • memory/2376-40-0x00000000036F0000-0x000000000378E000-memory.dmp

        Filesize

        632KB

        Download

      • memory/2376-138-0x00000000009D0000-0x0000000000A6E000-memory.dmp

        Filesize

        632KB

        Download

      • memory/2600-139-0x00000000009D0000-0x0000000000A6E000-memory.dmp

        Filesize

        632KB

        Download

      • memory/2600-41-0x00000000009D0000-0x0000000000A6E000-memory.dmp

        Filesize

        632KB

        Download