Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

036e11f0b8...60.exe

windows7-x64

7

036e11f0b8...60.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    151s
  • max time network
    157s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    29/12/2023, 20:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    036e11f0b890ade8b503ec66733f2360.exe

  • Size

    2.1MB

  • MD5

    036e11f0b890ade8b503ec66733f2360

  • SHA1

    84c7e41d1fc1ad881fbfc2a14220568acc1df12f

  • SHA256

    856ae8900fe7281ed0ae62bb8bfabbababb59b1cf0c819201fc245de8262f659

  • SHA512

    983712f8e01eeceb43ac90685bb19eca0828e6ea0e15f94a2bd91dafdded5bab3cf6e0fb62a7625fc91300c65ed1a6243d7d2797918771d7d442050b69aeeeb3

  • SSDEEP

    24576:dgdhhQGGnnazLpj4VHogiuGYNycAavew3mwmI1nk30sKbcGOyRWEMVM8w8sDDFUn:dqgazxcGYN139lnk30ray051Os

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\036e11f0b890ade8b503ec66733f2360.exe
    "C:\Users\Admin\AppData\Local\Temp\036e11f0b890ade8b503ec66733f2360.exe"
    1⤵
    • Drops file in Program Files directory
    • Suspicious use of WriteProcessMemory
    PID:1752
    • C:\Program Files (x86)\iss\l.exe
      "C:\Program Files (x86)\iss\l.exe"
      2⤵
      • Executes dropped EXE
      PID:3104

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files (x86)\iss\l.exe
    Filesize

    998KB

    MD5

    874fc2d94fb954cf203913b078722948

    SHA1

    adea477a3edf8707c7dbf693d884c10e37c024f8

    SHA256

    ef936afde79b5181eb4484c79a646d2c7faa21331cc98bf2bf67628f7900c3a7

    SHA512

    ad5bb49115d6bddce22a16b0a90f36411710ddb8213d5ae5fec67385bd7d87b796fc6cc32faaad3adb6fe8f4d2ad939f19e7dba3901d425a3c3d2b2f8670aa53

    Download Submit

  • C:\Program Files (x86)\iss\l.exe
    Filesize

    583KB

    MD5

    0698e9c28ad756ff368df767cd77f15b

    SHA1

    b1c0eac123e9ead8c26c143b78e9827f9c1ee282

    SHA256

    a055d4a434525cf9053f2dc8da7543bfd0aaafea98c33019511c961287cdf936

    SHA512

    717d503127daf97d0a7174596119d1ae6ab1b22a5bc3d26901085472a8c75de759a122bd5a702e8adac7b3a9e9de7af10d0140e7ce295a45c2fab4bdea21120b

    Download Submit

  • memory/1752-3-0x0000000000400000-0x000000000045A000-memory.dmp

    Filesize

    360KB

    Download

  • memory/3104-5-0x0000000000400000-0x000000000045A000-memory.dmp

    Filesize

    360KB

    Download