Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

1244a7fe9f...9c.exe

windows7-x64

7

1244a7fe9f...9c.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    4s
  • max time network
    67s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    24/12/2023, 21:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1244a7fe9f2bd24290ed00e7c2fd039c.exe

  • Size

    6.4MB

  • MD5

    1244a7fe9f2bd24290ed00e7c2fd039c

  • SHA1

    7c8025a218937c70897d14f182de1324fccb9049

  • SHA256

    664c22959e545e05ca6ca1a1012881a731015894be9c89c00118208379174765

  • SHA512

    32d17f4acdf22df347773dc16b284d8f9d70dcbb1df3ad306e4b1dba23015118a0de49227fdcff2be159ba9f12ee2ebcb7ba4177c2e52b1eacb1c2cd390b6a1e

  • SSDEEP

    196608:/DXJryvp10aEvcRVcdaNaqH+ex+PdQ3iVci1zwXAk:/rNyb1fcsNaqN+PZfNwwk

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Drops desktop.ini file(s) 2 IoCs
  • Drops file in Windows directory 3 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1244a7fe9f2bd24290ed00e7c2fd039c.exe
    "C:\Users\Admin\AppData\Local\Temp\1244a7fe9f2bd24290ed00e7c2fd039c.exe"
    1⤵
    • Loads dropped DLL
    • Drops desktop.ini file(s)
    • Drops file in Windows directory
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:3472

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\wy1x4n1j.2mq\7z.dll
    Filesize

    24KB

    MD5

    f5da1484d5bd8ff93acb27366cfa9668

    SHA1

    49fc2b0c1e9883250c7abb8484dbf3bfb8c2350f

    SHA256

    783126793bc39aa92a820504c6d8d548c30c729ff6d7aa1716ce2ec938618939

    SHA512

    09e7cf2f528d30e64bff5dec332c67caa4c16bad945700e5d62e2b63612f46bf0bca533285a3585ce71db7a08a7a1bbb56cc777dccec9a041d049bb17bf322ab

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\wy1x4n1j.2mq\html\images\bg-1.png
    Filesize

    1KB

    MD5

    9a06214c6652c451f6819254768c5e35

    SHA1

    c480e083fb049e95c8617f6532fdb244940d640c

    SHA256

    e31b99b201243f380fc11f6b11dafb34749b53152b77cbd6ff6a969bd0a61d17

    SHA512

    6349be9751b25dd280ebc3f295c923989afd8e473ae3d729b22b43f041e80237a182230d7e43cb6c467f7eddb4d776807f7a9b2f8f28cba93f0e5cd2a29f105d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\wy1x4n1j.2mq\html\page.html
    Filesize

    2KB

    MD5

    11c92dee6ee98a81980f6af71fb4ab33

    SHA1

    1e0902d94836b00de4c464c48cfd2490bcbaa7fa

    SHA256

    5feaa2e80be13ed7f053f0837e970f85b08398e877e8dd8733acd965a5991a4b

    SHA512

    0afaa0c0ca2876958add84fa4c845e0fcb8ac67fab99bda0d96745ab8b54272f08d58179238e9f6765c2edd42a22d3c1250d1ba406372e8e78b3bd7350bc3ad5

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\wy1x4n1j.2mq\html\page.html
    Filesize

    1KB

    MD5

    3813d5551798528cd465f582aac9f8d2

    SHA1

    2f1219c4475b029c1be71a4820bd8947213d5250

    SHA256

    9092d455916202d81d415fed0e399666ff921e2a972d44c11f1c3945ddfbc479

    SHA512

    7415614b33a4ea2304158e1e55755b1e7f8a14b208605aadde7045e315357bb2e6b4e68677a0aeba835fa6f9d4b4683c1c01d72c6ff5e98010530b780ea338dc

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\wy1x4n1j.2mq\html\page4.html
    Filesize

    2KB

    MD5

    ae6775109e86d7a90552ae9897d9e238

    SHA1

    6f87a00f82f206ac741c234cf3e551757ae88ec5

    SHA256

    019c5754b3e8a9aea7163f27b661fada55e93b2ecd1e3d5460b8c6466462696d

    SHA512

    318506d90447b9dd76c5bc42a23b489671d83f0f0f759f4e30902e6375bbdb23a726ebba5362e6ce536579a63612d88ec42ac7b8a222ea8cc4dfaad319ced241

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\wy1x4n1j.2mq\html\page44.html
    Filesize

    2KB

    MD5

    b830b0d504e67ade99d97a097fa8dac9

    SHA1

    c1832a0af7bb4a8c61a10a46b0b02f55aca5f399

    SHA256

    9b9430f6855bedffe20ae65573aaa8d87cc017266353bfd813740885ebeaccd2

    SHA512

    fdacb86b4cce235b2facc699cb257211773aacd96cb6805e026c9e6da9e79e0bbc5ff2e8bc55160b2b355dffefc6f1dcb6541708c87cc46a81d0a1f01db13f51

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\wy1x4n1j.2mq\html\page45.html
    Filesize

    2KB

    MD5

    95d639db5201007754b6debcb39aa45d

    SHA1

    a08876c698ba17935021fe927398689e609972d1

    SHA256

    37b8148067cbfc40544d2e6b9909fd13e979c2eb305ee8de2ba2a5d782bf79dc

    SHA512

    124f98a72ec6d742fad9a6bd265e79bfa6a2fc83382e1e8cf577b5d70eea0ec0d6ed851d5b5a4b955bb8a7908351c7c9026c081109464c61d40d8a46f1cf992f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\wy1x4n1j.2mq\html\page46.html
    Filesize

    2KB

    MD5

    4abb7a604419a117bf4d99ca44fa3a48

    SHA1

    287036f9b429416bc6c95556a0bacdc41ebf5e72

    SHA256

    23468aeedd86bba81dc63230edcd20e29796ce48b40a920cdfc78dc8ef47e6fc

    SHA512

    dbd42df706fd94d5e350af837758d010271941faf59dda7f7597f1a705764d31fba1b0a2b8e7122dff9ad23ca6398c642bb933ad01bd27f939f0486b06bcf9cc

    Download Submit

  • memory/3472-160-0x0000000000C90000-0x0000000000CA0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3472-167-0x0000000000C90000-0x0000000000CA0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3472-15-0x0000000000C90000-0x0000000000CA0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3472-161-0x0000000000C90000-0x0000000000CA0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3472-0-0x0000000074B50000-0x0000000075101000-memory.dmp

    Filesize

    5.7MB

    Download

  • memory/3472-163-0x0000000000C90000-0x0000000000CA0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3472-162-0x0000000000C90000-0x0000000000CA0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3472-164-0x0000000074B50000-0x0000000075101000-memory.dmp

    Filesize

    5.7MB

    Download

  • memory/3472-165-0x0000000000C90000-0x0000000000CA0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3472-28-0x0000000000C90000-0x0000000000CA0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3472-166-0x0000000000C90000-0x0000000000CA0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3472-168-0x0000000000C90000-0x0000000000CA0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3472-169-0x0000000000C90000-0x0000000000CA0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3472-2-0x0000000000C90000-0x0000000000CA0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3472-1-0x0000000074B50000-0x0000000075101000-memory.dmp

    Filesize

    5.7MB

    Download

  • memory/3472-178-0x0000000000C90000-0x0000000000CA0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3472-177-0x0000000000C90000-0x0000000000CA0000-memory.dmp

    Filesize

    64KB

    Download