Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

0e7c3b1fe9...86.exe

windows7-x64

7

0e7c3b1fe9...86.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    103s
  • max time network
    122s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25/12/2023, 07:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0e7c3b1fe9ecfc33edbab72073db7a86.exe

  • Size

    1.1MB

  • MD5

    0e7c3b1fe9ecfc33edbab72073db7a86

  • SHA1

    98d33da45e2c47d6a87d6c382fa50569723aa9a3

  • SHA256

    e7ff55344e29b147efe5d1da91ab733480e6b481384e47d7ddc8ba1ccb5324b4

  • SHA512

    d0417eea02cd19b7512f87087665f4e24101c357906339d652107241a2a9cc1a9d9c670c5b37a397b12646cba348f8e22903cc9e641be77af81dc43feba29fdb

  • SSDEEP

    24576:xvTdadr+JBPPGFjVHhNwaGnNQsUReWOM+YVVGLuAoS:xvTAtaBXKDNwrNQDeWOMnsP

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of SetWindowsHookEx 5 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\0e7c3b1fe9ecfc33edbab72073db7a86.exe
    "C:\Users\Admin\AppData\Local\Temp\0e7c3b1fe9ecfc33edbab72073db7a86.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:4948

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\E_4\krnln.fnr
    Filesize

    113KB

    MD5

    eed66cde7e023050c6933b24d9772054

    SHA1

    18031a447422594e3c0cb1fd105f9fe7ee6e5919

    SHA256

    293195b4438d8b6594ad7ba6e2a22bf1a7dfd79e79d58e63242ce262a79d6f3e

    SHA512

    47e29f57fccd49a3b1fcc25ef8e52781e753eb01cd96356eecf8d01764549b42941e05fa87d5aaed0b53a12032507df83c5861ec6260f9bf8ea45b5f70a68091

    Download Submit

  • memory/4948-0-0x0000000000400000-0x0000000000426000-memory.dmp

    Filesize

    152KB

    Download

  • memory/4948-6-0x0000000000400000-0x0000000000426000-memory.dmp

    Filesize

    152KB

    Download