Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

841b390604...c8.exe

windows7-x64

1

841b390604...c8.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    145s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    24/12/2023, 04:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    841b390604b801c76f1d81a78fd1f02030fe1b834f3dc343e28d8be31fad1fc8.exe

  • Size

    2.8MB

  • MD5

    669abcc7cd8ce0c791cac93aac2ca212

  • SHA1

    6deb9e77b0a015ba23f955beec0e169a3c14be6e

  • SHA256

    841b390604b801c76f1d81a78fd1f02030fe1b834f3dc343e28d8be31fad1fc8

  • SHA512

    b33bff04eb1e7ee1a38ed7427a9d9efffeae2fa1b8e007792edb944c262f0ebb9663c88eef325f821f8d0a4f467a64cdcbf7ecb206e47f69cfb99c781fca2d0d

  • SSDEEP

    49152:JF7JcCVDIkS6fIXJCk8sDUHjWNmCmnn24DtM5m0oApal7A:j0hA7FDtM5loAYl7A

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\841b390604b801c76f1d81a78fd1f02030fe1b834f3dc343e28d8be31fad1fc8.exe
    "C:\Users\Admin\AppData\Local\Temp\841b390604b801c76f1d81a78fd1f02030fe1b834f3dc343e28d8be31fad1fc8.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:4648
    • C:\Windows\system32\WerFault.exe
      \??\C:\Windows\system32\WerFault.exe
      2⤵
        PID:4952
      • C:\Users\Admin\AppData\Local\MediaUpdate.exe
        \??\C:\Users\Admin\AppData\Local\MediaUpdate.exe
        2⤵
        • Executes dropped EXE
        • Suspicious use of SetWindowsHookEx
        PID:3724
        • C:\Windows\system32\WerFault.exe
          \??\C:\Windows\system32\WerFault.exe
          3⤵
            PID:1884

      Network

      MITRE ATT&CK Enterprise v15

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\Users\Admin\AppData\Local\MediaUpdate.exe
        Filesize

        464KB

        MD5

        c6441fd6aef962204754bd82f782fcbf

        SHA1

        e610fc93d181b3bba65e4f9a75ed03ef2471912f

        SHA256

        ef23bd86d64579bfbf5aa4919241b13b15b12353f53ef77f08935cb551a376e1

        SHA512

        2fd327d7c9b4ff08816989b78865d8e23fd59c182cc392f41c8c56323a4f945c964d808c1e7f1bb0c248e4a447ee48fac0941aacfa42ceae818d71f05ad5d230

        Download Submit

      • memory/3724-7-0x00007FF8E3BF0000-0x00007FF8E3DE5000-memory.dmp

        Filesize

        2.0MB

        Download

      • memory/3724-8-0x00007FF8E3BF0000-0x00007FF8E3DE5000-memory.dmp

        Filesize

        2.0MB

        Download

      • memory/3724-6-0x00007FF8E3BF0000-0x00007FF8E3DE5000-memory.dmp

        Filesize

        2.0MB

        Download

      • memory/3724-10-0x00007FF8E3BF0000-0x00007FF8E3DE5000-memory.dmp

        Filesize

        2.0MB

        Download

      • memory/4648-0-0x00007FF8E3BF0000-0x00007FF8E3DE5000-memory.dmp

        Filesize

        2.0MB

        Download

      • memory/4648-2-0x00007FF8E3BF0000-0x00007FF8E3DE5000-memory.dmp

        Filesize

        2.0MB

        Download

      • memory/4648-1-0x00007FF8E3BF0000-0x00007FF8E3DE5000-memory.dmp

        Filesize

        2.0MB

        Download

      • memory/4648-9-0x00007FF8E3BF0000-0x00007FF8E3DE5000-memory.dmp

        Filesize

        2.0MB

        Download