Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

171d101063...b8.exe

windows7-x64

7

171d101063...b8.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    147s
  • max time network
    156s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    24/12/2023, 22:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    171d10106380369161b6ca43da7b2cb8.exe

  • Size

    1.0MB

  • MD5

    171d10106380369161b6ca43da7b2cb8

  • SHA1

    4fc55c7eac2d4730471298e09c6b621b002e4cf8

  • SHA256

    e36ab1273838ef97be2cf315c497da7ab3d61051d85c40236d02d3fa419e89aa

  • SHA512

    71c19a7fa284f06e89d8eb2f35d31e5b3fdc1ac48db9a631db483d42895bf8a5c22b883f6d209466a45b8cbd29c4879e101c1067d0b9da8e5f5f12633a296b5f

  • SSDEEP

    24576:kf+VLLoy7yDZgDstOXV7cFxAtdEBnBEwOvMOW57Phq1uvO1zSqqhi3I:UyH7yFgiOt2BnXll7P+KOUZ

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\171d10106380369161b6ca43da7b2cb8.exe
    "C:\Users\Admin\AppData\Local\Temp\171d10106380369161b6ca43da7b2cb8.exe"
    1⤵
    • Loads dropped DLL
    PID:788

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nsh7E2A.tmp\InstallOptions.dll
    Filesize

    14KB

    MD5

    0dc0cc7a6d9db685bf05a7e5f3ea4781

    SHA1

    5d8b6268eeec9d8d904bc9d988a4b588b392213f

    SHA256

    8e287326f1cdd5ef2dcd7a72537c68cbe4299ceb1f820707c5820f3aa6d8206c

    SHA512

    814dd17ebb434f4a3356f716c783ab7f569f9ee34ce5274fa50392526925f044798f8006198ac7afe3d1c2ca83a2ca8c472ca53fec5f12bbfbbe0707abacd6b0

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nsh7E2A.tmp\ioSpecial.ini
    Filesize

    647B

    MD5

    a20514b59672de481dc5f84e401c7520

    SHA1

    f5bf95c47aa19e7533bbdc6cff777e9c5155101d

    SHA256

    8d847639cec6b7cc394838ec1600c88f9330e45b6fd2f711b2505b83601c416b

    SHA512

    465e04b82168b4aa9ca05120b5bf4565bdf91306c0832240600025cf07acd28833897b5e581d102edd0945535a64a7f8ea368bf6e00378252a5b280908d003f3

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nsh7E2A.tmp\ioSpecial.ini
    Filesize

    660B

    MD5

    a25515e75024369634183be1532b8577

    SHA1

    174246c2379b009b95adbe91357faccd81287be8

    SHA256

    afaf9db88fb715242a55c6106dd0afb1298ebf852e6e85b1179d25462a962117

    SHA512

    3065c4cee4deeec4af6c7f74c51b2a2501a106da284f6b87e5b28ec43c98e075ba413ac38cf826e38a595b885df96b98bca6fe9b9c36a12d17b29cd6850aef7b

    Download Submit