Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

3d737c9163...cf.exe

windows7-x64

7

3d737c9163...cf.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    149s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25/12/2023, 21:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3d737c916309226c67d84aaf2f61a5cf.exe

  • Size

    22KB

  • MD5

    3d737c916309226c67d84aaf2f61a5cf

  • SHA1

    a68882ee6a33c318b6585a0ffdb60f4b9e95ab8c

  • SHA256

    98ce1f474b8daf8de284ae077e8d1b5680a8c431b98557198b02b3671669b1cd

  • SHA512

    a082e86dc6ee1636dcd8e7a7dbdf485a3319ac775d06011ae2f832efa7598c7cd5649749d0eb656034341eac32532c30e3a2c6d623c772cc6d09f3d5983ed999

  • SSDEEP

    384:f9jaJ7c52jPKDuvRw9+h8KY5YpCCTy/KFUmmQvlX9G3m3pi/72cTNbFFFFew:ljQjy8w9+hfY5YpCaKGNt19wm+bFFFFh

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 6 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3d737c916309226c67d84aaf2f61a5cf.exe
    "C:\Users\Admin\AppData\Local\Temp\3d737c916309226c67d84aaf2f61a5cf.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:2400

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\msdfjsadfjd.dat
    Filesize

    26KB

    MD5

    b345b40223619ae843a19d651f8a9d9d

    SHA1

    ea1aeb61822c197ee25c230ed9449cca6b1d1662

    SHA256

    183fe681559cfafa855c07bba84804fa4cc4dbf4927d8e3508368004aab67a51

    SHA512

    235ec6cb1fcd0ea6257910821a0a728f7e59391b194b70263aa7d6256bce9e2d49962dd5f520a9bca2f83e7315dfc10b9773fe3840944497a3d13d81088e35ec

    Download Submit

  • memory/2400-0-0x0000000000400000-0x000000000040F000-memory.dmp

    Filesize

    60KB

    Download

  • memory/2400-7-0x0000000000400000-0x000000000040F000-memory.dmp

    Filesize

    60KB

    Download