Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

0f1fde4db0...4d.exe

windows7-x64

7

0f1fde4db0...4d.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    155s
  • max time network
    163s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    30/12/2023, 04:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0f1fde4db0ef73ae222cbe6a3641e64d.exe

  • Size

    87KB

  • MD5

    0f1fde4db0ef73ae222cbe6a3641e64d

  • SHA1

    5a8d6539b568524605aff55a51226fb2f824fd6e

  • SHA256

    f632b9cc4fe7a9087001bc1abe7df0aac8dcc7ede937e6edd6c26a40f886e32e

  • SHA512

    c7537da82eb7f5eaeb9a065d8d14caa0fcd2eb1fc929b7a0543336eb8a7322df9105b0d7ea0583bf3d19caffa5f1f5d8c78fd7c562804df256a2a65c713ad7e5

  • SSDEEP

    1536:3UUUUUUUUUUHdTD+vvvvvvvvvh+UUUUUUUC9mIkkkkkkTyhhhhhhhMBqKG:blN9RkkkkkkTLBzG

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 15 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Drops file in Windows directory 17 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\0f1fde4db0ef73ae222cbe6a3641e64d.exe
    "C:\Users\Admin\AppData\Local\Temp\0f1fde4db0ef73ae222cbe6a3641e64d.exe"
    1⤵
    • Drops file in Windows directory
    PID:2508

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Windows\win32dc\FlatOut hack.exe
    Filesize

    91KB

    MD5

    699cd8818bd2d418eb0ae6dbac333434

    SHA1

    9403f20b4f75aac50a617a48ed53cebe536000be

    SHA256

    149d6ad888c5d3a9375e147b335728facf919622bc20eee8d04bd0e0c90f0586

    SHA512

    5f09c8118a100d4c38818a53820fa2598805cd0869a538c7299b005d001fa6ae40a474b16c29af7337e039527231463e9427a2f1f25d74a7790323202d9c740d

    Download Submit

  • memory/2508-22-0x0000000000400000-0x0000000000423000-memory.dmp

    Filesize

    140KB

    Download

  • memory/2508-24-0x0000000000400000-0x0000000000423000-memory.dmp

    Filesize

    140KB

    Download

  • memory/2508-1-0x0000000000400000-0x0000000000423000-memory.dmp

    Filesize

    140KB

    Download

  • memory/2508-20-0x0000000000400000-0x0000000000423000-memory.dmp

    Filesize

    140KB

    Download

  • memory/2508-21-0x0000000000400000-0x0000000000423000-memory.dmp

    Filesize

    140KB

    Download

  • memory/2508-0-0x0000000000400000-0x0000000000423000-memory.dmp

    Filesize

    140KB

    Download

  • memory/2508-23-0x0000000000400000-0x0000000000423000-memory.dmp

    Filesize

    140KB

    Download

  • memory/2508-3-0x0000000000400000-0x0000000000423000-memory.dmp

    Filesize

    140KB

    Download

  • memory/2508-25-0x0000000000400000-0x0000000000423000-memory.dmp

    Filesize

    140KB

    Download

  • memory/2508-26-0x0000000000400000-0x0000000000423000-memory.dmp

    Filesize

    140KB

    Download

  • memory/2508-27-0x0000000000400000-0x0000000000423000-memory.dmp

    Filesize

    140KB

    Download

  • memory/2508-28-0x0000000000400000-0x0000000000423000-memory.dmp

    Filesize

    140KB

    Download

  • memory/2508-29-0x0000000000400000-0x0000000000423000-memory.dmp

    Filesize

    140KB

    Download

  • memory/2508-30-0x0000000000400000-0x0000000000423000-memory.dmp

    Filesize

    140KB

    Download