Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

33813141d9...d8.exe

windows7-x64

3

33813141d9...d8.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    3s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    25/12/2023, 18:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    33813141d96c8d537b56c00f492b86d8.exe

  • Size

    1.1MB

  • MD5

    33813141d96c8d537b56c00f492b86d8

  • SHA1

    0d8ebbc0889a6ecf599625bb3636bd9a0ff3e680

  • SHA256

    213923d689922f8590cc822d62075841c80dc158b9281f05ec43d9f0de73ad56

  • SHA512

    feb394a73836b87d4383a77f7c6a0178e795ecb213b23d33054b13d9e95102520c6c59f7af14e22abd24d46e62badaf9e395616122bf6f04f7eba385465698db

  • SSDEEP

    12288:6Miy4IadS4ms5I6e66fEheKh6sfC444vk0kfyAfjfym0ArlDrmcZkQoxKk7HA4uO:6bSaE4mvt/H67AfKAr16CkQ8D7xD

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • NSIS installer 2 IoCs
    installer

Processes

  • C:\Users\Admin\AppData\Local\Temp\33813141d96c8d537b56c00f492b86d8.exe
    "C:\Users\Admin\AppData\Local\Temp\33813141d96c8d537b56c00f492b86d8.exe"
    1⤵
      PID:1708
      • C:\Users\Admin\AppData\Local\Temp\File.exe
        "C:\Users\Admin\AppData\Local\Temp\File.exe"
        2⤵
          PID:2600
      • C:\Windows\SysWOW64\Wbem\wmic.exe
        wmic /output:C:\Users\Admin\AppData\Local\Temp\81703604521.txt bios get serialnumber
        1⤵
          PID:3044
        • C:\Windows\SysWOW64\WerFault.exe
          C:\Windows\SysWOW64\WerFault.exe -u -p 2908 -s 368
          1⤵
          • Program crash
          PID:628
        • C:\Windows\SysWOW64\Wbem\wmic.exe
          wmic /output:C:\Users\Admin\AppData\Local\Temp\81703604521.txt bios get version
          1⤵
            PID:2904
          • C:\Windows\SysWOW64\Wbem\wmic.exe
            wmic /output:C:\Users\Admin\AppData\Local\Temp\81703604521.txt bios get version
            1⤵
              PID:1792
            • C:\Windows\SysWOW64\Wbem\wmic.exe
              wmic /output:C:\Users\Admin\AppData\Local\Temp\81703604521.txt bios get version
              1⤵
                PID:2892
              • C:\Windows\SysWOW64\Wbem\wmic.exe
                wmic /output:C:\Users\Admin\AppData\Local\Temp\81703604521.txt bios get version
                1⤵
                  PID:1544
                • C:\Users\Admin\AppData\Local\Temp\ebjcabfbcebda.exe
                  C:\Users\Admin\AppData\Local\Temp\ebjcabfbcebda.exe 6,9,6,2,1,8,2,0,6,7,7 KUdDQjwqMTMaKExPOUpHQzUuIClHPk5OSVBKQUI9KxkoPkBNUkg8OzIxLSotFylBSDw7MBooSUxGPlNCTF1JPjYqMDAuHi5LQ1JQPktZTExKPGBydGozKClqbHQtPENTRSZNSUcnP09ILElIP0gaJj1KSDtJST42KSsoMzU2LTQ3KisrLSgqLjUxLzczGSg+KDcjMygjNCo8RUM8SFIsPEAtQz0eLicfMi8YLUQsNiYrFylCMjUrMRooPS40Jy8fJ0I1NyYqGiZKUE48U0NOWElMQFA/QlE7IClJS0k7T0FTV0NVRjo2GiZKUE48U0NOWEc7RD87HydDWD9YTkxDNx4uPVZFWTxGPkNDTEQ1Hi9CSExOVjxQTk9RRUw2KxomTkZARklZSU5YT0lGOx8nVE03KxkpO00vPBgtUk9HTUNEP11WPUpDSUY+Q0Q7RURNUEw3GShDSllQVEZSSUc+Nm5pb2MfJ1BFTk5LSEBIRV5NUUVMWD07UE07MRgtSEM9PlI0Kx4uQVFfPlJHO0RDQV49TENMUklOPD47ZVlqc18ZKD5GUUxLRz9EWUJJNygzNi0pMTcoKykoLRotU0FLRTcqLSwwLjQ4LzQ1Gig9SU5ISk45Ql9OQkY/NC4tMDEtMioqLiQtNDM1Mi41JElGGiZPPzxFbXpjZWVbHCxkNCYuKyJQYmhbaXVyI0xUJS8nKyAlP29oamVRXltFYG4jMV4zMzEnLDAiIklHTEtMHytcJWNjaWQjRWVdZGgjIj1mcWdrZR8rXy4pKC4tKjExKycyKiJNX2VZcGkfK18vKjEsMi4eL09LRTdfbnJvHTFhHytfHylgZWRscC4qKisqXihnbV5tJSxfS29lTmdsXUJvcWdlaVheS2BmX2dfa1heXGpqbnEjMmAqLSwwLjQ4LzQ2HytfKyssNzMuNzcwLx4sXSsyMTEyNjMwLzAcLWQ0Ly4yMCsqLi8wM1hkMzBIPGgzWXRpcERRNGJRTSpuR1JIb0p4L2ZIPW5wTVNBZWI+cG1CYy5xTjoyMEZhMXNDdDdESS5CRE1MKzpKQXNBT0IqbkRzOG5LQkpiYWdhX1MpSGROO2l4RnNGK0VkQ3RFUXNuRHNHbUVnMylMU2VxRz09Y1cxKW1PdD5iXWRIcE47cQ==
                  1⤵
                    PID:2908

                  Network

                  MITRE ATT&CK Matrix

                  Replay Monitor

                  Loading Replay Monitor...

                  Downloads

                  • C:\Users\Admin\AppData\Local\Temp\81703604521.txt
                    Filesize

                    66B

                    MD5

                    9025468f85256136f923096b01375964

                    SHA1

                    7fcd174999661594fa5f88890ffb195e9858cc52

                    SHA256

                    d5418014fa8e6e17d8992fd12c0dfecac8a34855603ea58133e87ea09c2130df

                    SHA512

                    92cac37c332e6e276a963d659986a79a79867df44682bfc2d77ed7784ffa5e2c149e5960a83d03ef4cf171be40a73e93a110aaa53b95152fa9a9da6b41d31e51

                    Download Submit

                  • C:\Users\Admin\AppData\Local\Temp\File.exe
                    Filesize

                    92KB

                    MD5

                    bac600218861e8da0ceaa34cd4b62f8e

                    SHA1

                    67eb0013849ec5ed02b768d2fc3e0004df03487e

                    SHA256

                    6e0ba4d98d1e7f1233f07152183c3ca31086ef0259c2fd1e021857145aed2694

                    SHA512

                    47c69eb4ef18e40914c8e08bcee714f1f5e40fded9c51a6f6ce05c3198f6665b86da18cb6e288cf84c76711dd7e880d4d8c55e931ae15629ae94001b603b0818

                    Download Submit

                  • C:\Users\Admin\AppData\Local\Temp\ebjcabfbcebda.exe
                    Filesize

                    92KB

                    MD5

                    83f792dfa7bcff4c986dcc34345ff78a

                    SHA1

                    8a638d1465cd7a93553929789d903b5f7f950f29

                    SHA256

                    7d8a3d7f131fbed1fcf2028142f1d380306845790c96c82f5f1e5f0f3786a120

                    SHA512

                    93d71b16dbd8f115f30a76e01a3a5f2f02fc4685ea8011737cbfbc2ee35ee629bb4656ac784d55b859adfd48360de597119452b3fb8f6de1a7dbe6be8b5e76e4

                    Download Submit

                  • C:\Users\Admin\AppData\Local\Temp\nsi2B07.tmp\clepa.dll
                    Filesize

                    126KB

                    MD5

                    a5ae3669d1a88e8d5379e188e2fc585b

                    SHA1

                    aa53b8ed5f49f7308f3667cb04285370447e0f74

                    SHA256

                    93cfe42e77397e7856456f04a7fd164550eeb3f1ae023c78daa12e72506b1566

                    SHA512

                    d788c0a3710c8cf37e75cfb1259d464676b8da02131b523908ba531f59df1aa74577a8073753a33505a6af05fcb4d16e87cec27b546dfe26074ef4b7c18de19f

                    Download Submit

                  • memory/1708-8-0x0000000000A60000-0x0000000000AE0000-memory.dmp

                    Filesize

                    512KB

                    Download

                  • memory/1708-7-0x000007FEF5350000-0x000007FEF5CED000-memory.dmp

                    Filesize

                    9.6MB

                    Download

                  • memory/1708-57-0x000000001B400000-0x000000001B478000-memory.dmp

                    Filesize

                    480KB

                    Download

                  • memory/1708-103-0x000007FEF5350000-0x000007FEF5CED000-memory.dmp

                    Filesize

                    9.6MB

                    Download

                  • memory/1708-104-0x0000000000A60000-0x0000000000AE0000-memory.dmp

                    Filesize

                    512KB

                    Download