Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

00635c23c5...fe.exe

windows7-x64

7

00635c23c5...fe.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    29/12/2023, 18:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    00635c23c53d70b01d08c709bf2281fe.exe

  • Size

    1.9MB

  • MD5

    00635c23c53d70b01d08c709bf2281fe

  • SHA1

    fd6f4aa5839045b4ccd1384f472257a16b5c1cd5

  • SHA256

    0ad276e88c7f459cee2e414dcf1af08cb7735ac0e584c9db03f36cef774a0558

  • SHA512

    67e44296d4741cd1491d712fcedec8ae7ff28b6b048523b374f46d9a44536a96f85864a7bb3c8da4ac50af9ec79060666620aa05000c8fb0593eaeb372d4a582

  • SSDEEP

    24576:N2oo60HPdt+1CRiY2eOBvcj3u10doiqP89AFe1KXzKW9Yp7IL0ogkuqX8le9fdrx:Qoa1taC070diRzKBWRuqgctInSlrOpE

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\00635c23c53d70b01d08c709bf2281fe.exe
    "C:\Users\Admin\AppData\Local\Temp\00635c23c53d70b01d08c709bf2281fe.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2332
    • C:\Users\Admin\AppData\Local\Temp\143C.tmp
      "C:\Users\Admin\AppData\Local\Temp\143C.tmp" --splashC:\Users\Admin\AppData\Local\Temp\00635c23c53d70b01d08c709bf2281fe.exe AD9E9EB2D78DD0EB8A7256A9899E1733B8B7B86220D77B2ECAAC815D487B7926226E8060EE011172AE3659B23D77F9A9CC3CEAD587F90FFAA003D77D962343EA
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2372

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\143C.tmp
    Filesize

    1024KB

    MD5

    7030e9b89c6f8aa13feaab2c99b66415

    SHA1

    a1b645a37909a81a5896c5d79dd627252d1f95f5

    SHA256

    8e04a7d59f9fd856ba8a376dadc34d18e598658496bc47c9d189340e9f0f0fc3

    SHA512

    cc0bc2d730116af33c4154c268d1d2e4e831e15c7dbc62ec8eac042f7dacd6355b87ac0127d125896fce61a64a4963dc591c2f410bfc084520d1873606da7e23

    Download Submit

  • memory/2332-0-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download

  • memory/2372-6-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download