Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

035e661cf4...6b.exe

windows7-x64

7

035e661cf4...6b.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    29/12/2023, 20:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    035e661cf44d703d4deaa17e8ae4056b.exe

  • Size

    184KB

  • MD5

    035e661cf44d703d4deaa17e8ae4056b

  • SHA1

    3a2cada2581165090e136be230a3acaf2d0b40db

  • SHA256

    f018bbb22303acfbddc04ba33d9d8c682ac08963788244233b92d9208bef6e16

  • SHA512

    349df5bf7757b95e5cb8e7807019f8df177206975ec43294b9284ac6f881fcfab9dfa52ffed219e7065a7ee6c4c2fca8cf91870888c34e5283a666b6c6ecf616

  • SSDEEP

    3072:l+1GoEN8XJA8kFjbwzOS08dbY8t6QSphfDMx+YdSUNlPvpFA:l+oobm8khwKS088TdUNlPvpF

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 7 IoCs
  • Program crash 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\035e661cf44d703d4deaa17e8ae4056b.exe
    "C:\Users\Admin\AppData\Local\Temp\035e661cf44d703d4deaa17e8ae4056b.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2136
    • C:\Users\Admin\AppData\Local\Temp\Unicorn-65015.exe
      C:\Users\Admin\AppData\Local\Temp\Unicorn-65015.exe
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2988
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -u -p 2988 -s 200
    1⤵
    • Loads dropped DLL
    • Program crash
    PID:3048

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\Unicorn-65015.exe
    Filesize

    92KB

    MD5

    e4045f4b3ab0c3388973f3617d7d0824

    SHA1

    d781745b8fe1faac2491382887c313eb6c588ea7

    SHA256

    512923c02e323e67c0b38d0f651b131a32a524d6a64f774f93ff8aaad8aadc06

    SHA512

    e425399dee1971746c6479bb35ae450728fe5279629e9f55fce79b2ba301a7301e37818dbb836a7cb3400ebb1e5ca2866f8d34d88c178356b1d8fcd6448aba40

    Download Submit

  • \Users\Admin\AppData\Local\Temp\Unicorn-65015.exe
    Filesize

    93KB

    MD5

    b6629a947fce02b5541d0101d325ae2b

    SHA1

    39151f8a953fd9447cf8d84278710aeadb6087f5

    SHA256

    2e18d1ee3b748f5a76db56fdd4e00157a33d4afe5fb65142d2ea0a44561ae32f

    SHA512

    4d4e6dff383ea085e7fbe0f8dcefa152f0705a4e68e3e9aba6e0b210fde0c4e99c65f5c54a85f35d9a80671362490e176cf764e0756eea2bdb1aa880b4804f8c

    Download Submit