Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

4234354a0e...be.exe

windows7-x64

7

4234354a0e...be.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    92s
  • max time network
    125s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25/12/2023, 23:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4234354a0ed4ba288a2a3d77a8dd17be.exe

  • Size

    485KB

  • MD5

    4234354a0ed4ba288a2a3d77a8dd17be

  • SHA1

    39b36a63464382907f8f4f2e50b2f13e83d471e1

  • SHA256

    11a0b8d7d790a91241404749b6e216d4905f834805dd0db08e70be529a3d8f18

  • SHA512

    ded8defa2a27d1be34828bc228a540f1b871eddc5627aebf1f6d9a462d9bc626b881ebea1ddaa0ab4ef6bf9c75980f28e0aa5696a5ef5aacd97f88d6f20cd56a

  • SSDEEP

    12288:Ed8mJpcc+LN/Dekk4UdzAyOnsOq2jK11vh0rf:RmJph+5/DdPUdzAyOsORjK115Y

Score
7/10

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 2 IoCs

    Detects file using ACProtect software.

  • Loads dropped DLL 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\4234354a0ed4ba288a2a3d77a8dd17be.exe
    "C:\Users\Admin\AppData\Local\Temp\4234354a0ed4ba288a2a3d77a8dd17be.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:1664

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\cgi4314.tmp
    Filesize

    29KB

    MD5

    10883de22c528eb2daec4f6f9c681bed

    SHA1

    9a0c5b3632ec06631a38a60add9da34f75075526

    SHA256

    62bd69b074bb51b7ef771446f3abe1a2de8446a5f1d40c8e0645c4852ebb4a3f

    SHA512

    68b9274914083e56c6f19fa77149a1a8dbb0ceb484206b19818a0e44ba1cf01cb5540467c11f504d11d0b7b5dd03c1680e5367c600d07cc94b8cc33375810fa9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\cgi4314.tmp
    Filesize

    56KB

    MD5

    3d0bb7520f5fdc1b9cd50ab3bac4fb90

    SHA1

    f86c3b09f50c0475e6f305e468dbdde9d486f8a1

    SHA256

    1fef0efd53db00ba6802993eaa4a56d308cc82a7b4dfeec435779337c15e838d

    SHA512

    05367bf1ab822ab503d46c9fa62b5ea40779ad38eaf6cf9d8b4dca26824f057fbb9a2dd37ca43be2c245fc2087f761a47f52bc8a156616dd16811aeb3a72bd8f

    Download Submit

  • memory/1664-0-0x0000000000400000-0x000000000044F000-memory.dmp

    Filesize

    316KB

    Download

  • memory/1664-10-0x0000000000400000-0x000000000044F000-memory.dmp

    Filesize

    316KB

    Download

  • memory/1664-8-0x0000000002240000-0x00000000022B3000-memory.dmp

    Filesize

    460KB

    Download

  • memory/1664-7-0x0000000002240000-0x00000000022B3000-memory.dmp

    Filesize

    460KB

    Download