Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

121ce9fa92...f8.exe

windows7-x64

7

121ce9fa92...f8.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    24/12/2023, 20:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    121ce9fa922ffd09870fc68bd7ef42f8.exe

  • Size

    6.7MB

  • MD5

    121ce9fa922ffd09870fc68bd7ef42f8

  • SHA1

    710aceb5f8a0c6c63f0ad47b8075d74de4df24c9

  • SHA256

    64af0fae0c14f3c50396afe88ffc67b0f21f870f8b9f89e449a311ba9690b2cd

  • SHA512

    cf9804dff17ad43c120024c62efbd83cf2a129c674bb10336da3a4150d55da4bf626de60bbd62f5ec971f04c8393a8b22ac48794927a225f8a0e2fffeefa13f8

  • SSDEEP

    196608:e/PmCsXDjDyf6L2WliXYrHW1L0KF1aOH+v4SV:iPmCEDVL2ciIrHWRV1F+w

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\121ce9fa922ffd09870fc68bd7ef42f8.exe
    "C:\Users\Admin\AppData\Local\Temp\121ce9fa922ffd09870fc68bd7ef42f8.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2096
    • C:\Users\Admin\AppData\Local\Temp\121ce9fa922ffd09870fc68bd7ef42f8.exe
      "C:\Users\Admin\AppData\Local\Temp\121ce9fa922ffd09870fc68bd7ef42f8.exe"
      2⤵
      • Loads dropped DLL
      PID:2748

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI20962\python39.dll
    Filesize

    469KB

    MD5

    6d6446923ceeefb4ee78a10b1879bc30

    SHA1

    9ccdeb1af0839c135f7a796a24ccad9549687257

    SHA256

    6270a4207a81d4d6b9ea840158d5c0aec53b495bc43b41b956ca867174379020

    SHA512

    176f6ab5f8f8de9fbe978b96133f582e5a1e9ec2133c9aadc11f3d516211faf4d3b04d9fa432ab4c76871fc1a60c9df5c37c92602a6dc24db4e2171d6f455118

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI20962\python39.dll
    Filesize

    2.9MB

    MD5

    216fe4e1721aa0cce331b056bfda8c81

    SHA1

    b71330ae7e448a799f182a12e7aec56f77704ccd

    SHA256

    79ba2a2d170a8ef6c078d8bdd35885d4ebe8bdb9ca6d1b2ae037ff245f2b210b

    SHA512

    af5aef0f812f96c9770efc2906719e45da84ce7ec478ca46f3e31199cc1cf62d024e26837a92c8196fba7158be2a6202a24141744b4ff1da24eb18512232f28b

    Download Submit