Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

64c77b5068...c2.exe

windows7-x64

7

64c77b5068...c2.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    95s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    26/12/2023, 09:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    64c77b506873e72257c4064f5c6123c2.exe

  • Size

    1.8MB

  • MD5

    64c77b506873e72257c4064f5c6123c2

  • SHA1

    63b9cbb1fc45c5b9b9fbef236918ada3628cf465

  • SHA256

    c7426d4815ce4ade95ca9fd7c68b05a52966e94c064c99f5ed293f46c6a8fbb9

  • SHA512

    698959ce1a9db9da3a191eb01ee97fb78bd1a22c11bccd9d5d806d9520cffef5d701a7d2b39476483a3774a63b652e7cbccf0a2232afe32293a7d3589a1c6fa6

  • SSDEEP

    24576:S6pQPxQ2JyP2r5mJV91xM7RpbwgIvs7Nxqy:SCqm2Jpr0nNM7Dus7Nxj

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 6 IoCs
  • UPX packed file 10 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Drops desktop.ini file(s) 2 IoCs
  • Drops file in Program Files directory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\64c77b506873e72257c4064f5c6123c2.exe
    "C:\Users\Admin\AppData\Local\Temp\64c77b506873e72257c4064f5c6123c2.exe"
    1⤵
    • Drops desktop.ini file(s)
    • Drops file in Program Files directory
    PID:2292

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files\7-Zip\7-zip32.dll
    Filesize

    501KB

    MD5

    0a73f9e35dac663d925e49e6a92ceb7e

    SHA1

    80cf45a0b1cab70fd8ecaf886881f66a98e62b48

    SHA256

    e211e467078959b3a7c89ff6ce5907a13c5a82c8162d61ae886909c8178b77d4

    SHA512

    bd7bd1cc71824045c024b161d4555566bc5566982485bc37a73ee5761d14c745c27057ab3baf5e04e8016ef2c8f291efab322bf8e8f031b76673d8bf78351d1d

    Download Submit

  • C:\Program Files\Microsoft Office\root\Office16\VISSHE.DLL
    Filesize

    133KB

    MD5

    5d27a79acbd0fd96794cbaedb0b82b5e

    SHA1

    7e2e6c53ed1c6285fef81c90fd4482b4d1096222

    SHA256

    71580b1422a3729f899048da783e0d048f7ee4487cd74d100b30eb765af72246

    SHA512

    0d2e94663c9803e2f86f63579fe3acdde50d0cca03ca05a85caf72cb12157bec8bd8e2e2bc79de28f57c83ee019ca711cdaeb76513bdff6d9184094250888a5d

    Download Submit

  • C:\Program Files\Microsoft Office\root\Office16\VISSHE.DLL
    Filesize

    249KB

    MD5

    a414727f741b67e79b672f8fd55e2e28

    SHA1

    f483a199c9eb03b937a7885c0d2d345e683d09f3

    SHA256

    a2c4b2d20b113d31fcc8477613c0f795afbd895d95b3df60b4b32b69ec3894d8

    SHA512

    88f6379b25428dfdb4f517a571ec27579c92682862ad8eb995e2181ed72e8aeb6bfd6bf4a7ca1048993a40d9f8164b165493abf939e09bcd66bb988e84920362

    Download Submit

  • C:\Program Files\Microsoft Office\root\Office16\VISSHE.DLL
    Filesize

    260KB

    MD5

    e5885c37ef600c45cde24433e07fac4c

    SHA1

    d5bb27408733b0ed03f57f10e10e08bd19c30209

    SHA256

    fd742066d2c57093fe7d56d8879cb6cb8488719c8d2d7e2d2d8d5b12e0db8c72

    SHA512

    4409b1b749e13b8606fb3ce41ce5301d6f610217cff54be1fee403224a8d6a26ce3917215bea81f2955bb0a12fdb5689bc75142c6baf63953fbb099d0101d245

    Download Submit

  • C:\Program Files\Microsoft Office\root\Office16\VISSHE.DLL
    Filesize

    231KB

    MD5

    c341f9a864f70adda895b821e4bd1060

    SHA1

    b02116542bf5ae8865a791f183f3f4970c0e53a8

    SHA256

    a53dd5547ae046ee5f0bcc584d014dbe03ed89dd42f9962b52df6e9596702625

    SHA512

    04b08ab7263a5f32c77b9228ff0b54f58577ff23293cb9230343d734e9a6246b6fc2b87f21402028548628d0593ad9d66fa4e028b9a988c94ead435364f5245c

    Download Submit

  • C:\Program Files\Microsoft Office\root\Office16\VISSHE.DLL
    Filesize

    280KB

    MD5

    616e4512e3c5c106836b226cb57755a2

    SHA1

    b44f9ecfc9c7872ffaf94818d975ad19e8bf3dad

    SHA256

    eb28142d51327123c9efb7d5bc009730b95c1a2ea7c70256f1b4bcfc2f1b0482

    SHA512

    9ecbf398041348046cf7f9f8f2a7162b2af0c0ad99c49aceac27f0454e943f06b2643744d712e4f54c1721ecea841154774f0127e55aad042d29730a36b7cae9

    Download Submit

  • C:\Program Files\Microsoft Office\root\Office16\VISSHE.DLL
    Filesize

    325KB

    MD5

    b6824b1be6e9c729c1f7b24b3a59a793

    SHA1

    00374881619cbffa90d6216b145ac40aad438929

    SHA256

    7d95d55ca8acad037c428ff3f6923a163de91d47020b84f4fcf7e1c355de8109

    SHA512

    e37727149882a5de352e1f1ebf07d30432bbf06fffcd67f36ede83a262cec6a16d5653699bf7b0ff42059789bc151683bb42cb99fd12227b75a7dd8ec65f4311

    Download Submit

  • memory/2292-0-0x0000000000400000-0x00000000005BA000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/2292-6413-0x0000000000400000-0x00000000005BA000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/2292-13399-0x0000000000400000-0x00000000005BA000-memory.dmp

    Filesize

    1.7MB

    Download