Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

4d2453505e...c5.exe

windows7-x64

7

4d2453505e...c5.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    121s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    26/12/2023, 02:37 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4d2453505ef20093de88f7acee72ecc5.exe

  • Size

    40KB

  • MD5

    4d2453505ef20093de88f7acee72ecc5

  • SHA1

    4148ded738c27e7e69411f30ecaed6c1500c44a6

  • SHA256

    dcb9c489f4e0e73a0c0dc73b50371192ce981bdee15ddcf9b35b7821bddde0dc

  • SHA512

    810f8225ac9767e2b02f7f49ed366629b39e6f96f448c7e0d042b47eab07bc3d2e16b91998ecd1540ffb159180636df18268e745fb3ec9abdb9406a49f0339a6

  • SSDEEP

    768:bz0lTqHKfdzpPxmN6E/U8G0K1VNwuaExe1u+afd/ovLtR2HDqQZ5ogq:v0AHYpPYNa0K1XrHSLajd

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 5 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious use of SetThreadContext 1 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\4d2453505ef20093de88f7acee72ecc5.exe
    "C:\Users\Admin\AppData\Local\Temp\4d2453505ef20093de88f7acee72ecc5.exe"
    1⤵
    • Suspicious use of SetThreadContext
    • Suspicious use of WriteProcessMemory
    PID:1644
    • C:\Windows\SysWOW64\userinit.exe
      "C:\Windows\system32\userinit.exe"
      2⤵
        PID:2560

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1644-14-0x0000000000400000-0x000000000041F000-memory.dmp

      Filesize

      124KB

      Download

    • memory/1644-0-0x0000000000400000-0x000000000041F000-memory.dmp

      Filesize

      124KB

      Download

    • memory/2560-1-0x0000000000400000-0x000000000041F000-memory.dmp

      Filesize

      124KB

      Download

    • memory/2560-10-0x000000007EFDE000-0x000000007EFDF000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2560-9-0x0000000000400000-0x000000000041F000-memory.dmp

      Filesize

      124KB

      Download

    • memory/2560-6-0x0000000000400000-0x000000000041F000-memory.dmp

      Filesize

      124KB

      Download

    • memory/2560-3-0x0000000000400000-0x000000000041F000-memory.dmp

      Filesize

      124KB

      Download

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.