Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

4c0435b363...2a.exe

windows7-x64

7

4c0435b363...2a.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    140s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    26/12/2023, 02:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4c0435b3630e00bbf43035c1efea782a.exe

  • Size

    18KB

  • MD5

    4c0435b3630e00bbf43035c1efea782a

  • SHA1

    613e44826c55cdd22ddb9a23e15ec0ba969d9815

  • SHA256

    f9505bd1b1fb1ae2611be75b1676889c5535c41546a0a350cdaa959bff396a40

  • SHA512

    f984e69124d75ace67670ddb4984eb79e0ac53aff371c74546d84bc0d198563bacdbb19adc5b97290579c4c932dfe8f732c5c0edc4754c58f767a4b61690f9f9

  • SSDEEP

    192:p6E+PCpaLaLon5LC2xYKpPv33kmJDjRuDBA06XMS7IRICsvuB+mF4c3pRH2Q5sHB:UmnUp7mKF33kmJDjEDWXMpHMc3pt2yI

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 3 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\4c0435b3630e00bbf43035c1efea782a.exe
    "C:\Users\Admin\AppData\Local\Temp\4c0435b3630e00bbf43035c1efea782a.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:3052

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\elementzx.dll
    Filesize

    17KB

    MD5

    f1bb169e25b9a5a270257fec51c4922f

    SHA1

    7d45fbfda7d65813d726d4b730ab993395eef8ae

    SHA256

    7ff8be0e195ef0a8e21b187532250f59ea2e3e1295be85f4d57be777b52b02fb

    SHA512

    ed2aeda311f5f6fbab4e9de9d29789c7c17648b7ff6321e6ff7529cfe3b5073494783e7e9e3e0ce346232a4d41b23ff3461a2799cd572a2668040fc55d5b3c8b

    Download Submit

  • memory/3052-0-0x0000000000400000-0x000000000040D000-memory.dmp

    Filesize

    52KB

    Download

  • memory/3052-6-0x0000000000400000-0x000000000040D000-memory.dmp

    Filesize

    52KB

    Download