Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

6a38436d84...d8.exe

windows7-x64

7

6a38436d84...d8.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    26/12/2023, 11:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6a38436d8408bb11d2a6c1181a4935d8.exe

  • Size

    250KB

  • MD5

    6a38436d8408bb11d2a6c1181a4935d8

  • SHA1

    2ab2fcf5a22162c583a39f0ccd8139315998d64b

  • SHA256

    784fca9dd6da4417ca166b95539c95a7c3a4ec84c1eb656a7b82793c19cadf5e

  • SHA512

    3c88e0f15cee16c140475b1a00f222d8a572bc00b19d4496bdaad60248b18363b27db7cbdf881eceba58fd9fb45027f7fbe573c92eba4a1d4e6b7a1f9b543cc6

  • SSDEEP

    6144:yS07vS15CFJDv+CzqxXmbBrTsHaYEX84yjky0J3:ySm28TPJmXEM4yQT

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 3 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\6a38436d8408bb11d2a6c1181a4935d8.exe
    "C:\Users\Admin\AppData\Local\Temp\6a38436d8408bb11d2a6c1181a4935d8.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    PID:2140

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\100BF4BA\_Setup.dll
    Filesize

    121KB

    MD5

    ea5e763058f175489e86bea313c06112

    SHA1

    29ae2dad2cb1fe238fe8c301d3b19d4bb999e6b8

    SHA256

    a951438095ebbcf2b70c0e0385407aa8ea41f8f7c409d36886665e27d270f9ec

    SHA512

    3548d9a9c0fd26ca6e7715f7f6fb6ba19cde38832c57357f915efb47721951859c2c2e246b19d75be22b8f2a789111aa633b102b0b48365fb2cb52058aaced0b

    Download Submit

  • \Users\Admin\AppData\Local\Temp\100BF4BA\_Setupx.dll
    Filesize

    21KB

    MD5

    75677066bedbb24f795eedc8ead34e55

    SHA1

    892a26f9fe227c21867de49454bef940610bf53a

    SHA256

    24a1802d03cf769f8157ec0ae5af0a36ca79580ae96935d3653d7a669ac0dd28

    SHA512

    e0c4f3c1ffb298e37938945a34e140f1c5bdc64f2bfbdc91008a393eafcb8f1686b5d09c7f4c6957043a48c935734f22489eec81ffb5ee10daf266c30da29f9f

    Download Submit

  • \Users\Admin\AppData\Local\Temp\Tsu-085C.dll
    Filesize

    248KB

    MD5

    961bab6d3b9d50e12b40f724943b5c0d

    SHA1

    90cd69057be30e44f77fe5c2e0bd38f42886a1b3

    SHA256

    d1c6caca7e52bc4228e5177ebe8d1a4133f8ccde9db5bab882512c1b74add18d

    SHA512

    bde1a35be017a07f06ee3b40de48aaa557b2274a53f0fdda392c5d874f9fc0dcce98b589e5be62be072ef2f6ceda92c8f072d11c3b18d888285c517d9c3c8f9e

    Download Submit