Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

0b0939137b...1c.exe

windows7-x64

1

0b0939137b...1c.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    30/12/2023, 02:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0b0939137b56861d30c02bf8c2a42f1c.exe

  • Size

    1.7MB

  • MD5

    0b0939137b56861d30c02bf8c2a42f1c

  • SHA1

    3e8a26ed1653394676db7f104ea2d97b0053e160

  • SHA256

    8175eb3085d209a982720c69d1880234ac26b58e90713eeebaa971c6ef195eb4

  • SHA512

    4b39940c3a0c95273028e83bec80148a2957556dfd45527e24e750fa2d395b3b886ed22e295291330895475800f030238a8953f4926a0a8aba3f6409343a44b6

  • SSDEEP

    24576:kgSivRpANHygPunq/n+uIMHvEJoAofl7giPK9AErPV/AHYc6Nw+geqapYP+VyoEz:k3SgbvhIq8CZg0pIDQ+oMFBCv7Z

Score
1/10

Malware Config

Signatures

  • Suspicious use of FindShellTrayWindow 64 IoCs
  • Suspicious use of SendNotifyMessage 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\0b0939137b56861d30c02bf8c2a42f1c.exe
    "C:\Users\Admin\AppData\Local\Temp\0b0939137b56861d30c02bf8c2a42f1c.exe"
    1⤵
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    PID:2224

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\Language\English.ini
    Filesize

    20KB

    MD5

    f2764e646669472a50d34848623303be

    SHA1

    d546a7980029656b2a9c343cf65d9bfbdcbef9a5

    SHA256

    8f2cbdb3c23d6072b31dffcb7ad71f0abc37932c9188dc01e5b3a0973f74e6e1

    SHA512

    27c31f0ee8152c3be2dfb9b847fe848d7f87218d214bfc02249305f6089c39b819afa31aac90b91dfcf010dce88866f637eb322c5e359178671cc058a4e1182a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Settings.ini
    Filesize

    2KB

    MD5

    e78bf2ad1240307b13934fea4f01007d

    SHA1

    a494c83dc71555403f16b6fcd9270cbc2e502445

    SHA256

    a4090757cca167cf5333ec231234a773279e69e7c0f57ce9c5f88575e4126602

    SHA512

    5a365f12aaea0d4a165d084c5a14ab2248c8beb4433bd5e7b1f11436e20a647172409f522e775f202bd9b2d35995633fd41c62fb24ed881ed9be90857df9ec00

    Download Submit

  • memory/2224-1046-0x0000000000400000-0x00000000009DC832-memory.dmp

    Filesize

    5.9MB

    Download

  • memory/2224-1057-0x0000000000400000-0x00000000009DC832-memory.dmp

    Filesize

    5.9MB

    Download

  • memory/2224-6-0x00000000003F0000-0x00000000003F3000-memory.dmp

    Filesize

    12KB

    Download

  • memory/2224-2-0x0000000000400000-0x00000000009DC832-memory.dmp

    Filesize

    5.9MB

    Download

  • memory/2224-180-0x00000000003E0000-0x00000000003E7000-memory.dmp

    Filesize

    28KB

    Download

  • memory/2224-1-0x0000000000400000-0x00000000009DC832-memory.dmp

    Filesize

    5.9MB

    Download

  • memory/2224-408-0x0000000000B00000-0x0000000000B4B000-memory.dmp

    Filesize

    300KB

    Download

  • memory/2224-1028-0x00000000001E0000-0x00000000001E1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2224-1044-0x0000000000400000-0x00000000009DC832-memory.dmp

    Filesize

    5.9MB

    Download

  • memory/2224-1045-0x0000000000400000-0x00000000009DC832-memory.dmp

    Filesize

    5.9MB

    Download

  • memory/2224-0-0x0000000000400000-0x00000000009DC832-memory.dmp

    Filesize

    5.9MB

    Download

  • memory/2224-1047-0x0000000000400000-0x00000000009DC832-memory.dmp

    Filesize

    5.9MB

    Download

  • memory/2224-3-0x0000000000400000-0x00000000009DC832-memory.dmp

    Filesize

    5.9MB

    Download

  • memory/2224-1050-0x0000000000400000-0x00000000009DC832-memory.dmp

    Filesize

    5.9MB

    Download

  • memory/2224-1048-0x00000000001E0000-0x00000000001E1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2224-1051-0x0000000000400000-0x00000000009DC832-memory.dmp

    Filesize

    5.9MB

    Download

  • memory/2224-1052-0x0000000000400000-0x00000000009DC832-memory.dmp

    Filesize

    5.9MB

    Download

  • memory/2224-1053-0x0000000000400000-0x00000000009DC832-memory.dmp

    Filesize

    5.9MB

    Download

  • memory/2224-1054-0x0000000000400000-0x00000000009DC832-memory.dmp

    Filesize

    5.9MB

    Download

  • memory/2224-1055-0x0000000000400000-0x00000000009DC832-memory.dmp

    Filesize

    5.9MB

    Download

  • memory/2224-1056-0x0000000000400000-0x00000000009DC832-memory.dmp

    Filesize

    5.9MB

    Download

  • memory/2224-1049-0x0000000000400000-0x00000000009DC832-memory.dmp

    Filesize

    5.9MB

    Download

  • memory/2224-1058-0x0000000000400000-0x00000000009DC832-memory.dmp

    Filesize

    5.9MB

    Download

  • memory/2224-1059-0x0000000000400000-0x00000000009DC832-memory.dmp

    Filesize

    5.9MB

    Download

  • memory/2224-1060-0x0000000000400000-0x00000000009DC832-memory.dmp

    Filesize

    5.9MB

    Download