Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

7729369121...a0.exe

windows7-x64

7

7729369121...a0.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    144s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    26/12/2023, 14:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    77293691212ca8f5d546e6eeec064ba0.exe

  • Size

    22.0MB

  • MD5

    77293691212ca8f5d546e6eeec064ba0

  • SHA1

    4dd6caeee5d58ab4a0277ed5bc8992b31dac58cb

  • SHA256

    69555e5c49102b24a3748ea1cf44ecce886c933a1ef33e96ab6d53bbedb9c0b8

  • SHA512

    36f764082cb3c8b29598afb1163df1044323bb5246bc5c0e4e1b29e33b76281c356be2d76e181963c88611f1d5c6a53acdb87cf456970d49ac59a416a07ad4b1

  • SSDEEP

    393216:N2CdOpb0tQ4RCrN1VMPA4QPL0eyBeQ6fFWct3v4MxVo1wh0hfP0zqdp9llF4+s3X:YaCrbiaMBgUct3QMnoOhU0zq/llC+EDl

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\77293691212ca8f5d546e6eeec064ba0.exe
    "C:\Users\Admin\AppData\Local\Temp\77293691212ca8f5d546e6eeec064ba0.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:780
    • C:\Users\Admin\AppData\Local\Temp\is-7B1EU.tmp\77293691212ca8f5d546e6eeec064ba0.tmp
      "C:\Users\Admin\AppData\Local\Temp\is-7B1EU.tmp\77293691212ca8f5d546e6eeec064ba0.tmp" /SL5="$7011E,22345545,721408,C:\Users\Admin\AppData\Local\Temp\77293691212ca8f5d546e6eeec064ba0.exe"
      2⤵
      • Executes dropped EXE
      • Loads dropped DLL
      PID:2768

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\is-7B1EU.tmp\77293691212ca8f5d546e6eeec064ba0.tmp
    Filesize

    348KB

    MD5

    7bf54a9cc46c6fe021c0f1a9ee09560b

    SHA1

    8f17602ab55230c389442d69d4c6eea4ab2a2e12

    SHA256

    1caa8c9082792638189920080c6c1a9caa790a3e27140fff936cb8891c7a3718

    SHA512

    c463b180f691d7a11f2a2cc4f15959d8cf55f6519c9e9eb01c6348bf227ce252786d4ee39a152e1945a75ed56c7a0b298140056c9efa3d647259c07635b7d72c

    Download Submit

  • memory/780-2-0x0000000000400000-0x00000000004BE000-memory.dmp

    Filesize

    760KB

    Download

  • memory/780-0-0x0000000000400000-0x00000000004BE000-memory.dmp

    Filesize

    760KB

    Download

  • memory/780-12-0x0000000000400000-0x00000000004BE000-memory.dmp

    Filesize

    760KB

    Download

  • memory/2768-6-0x0000000000960000-0x0000000000961000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2768-13-0x0000000000400000-0x0000000000679000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/2768-16-0x0000000000960000-0x0000000000961000-memory.dmp

    Filesize

    4KB

    Download