Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

14671ebdda...d2.exe

windows7-x64

7

14671ebdda...d2.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    174s
  • max time network
    197s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    30/12/2023, 09:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    14671ebddac3211b50ad33cdce957ad2.exe

  • Size

    12KB

  • MD5

    14671ebddac3211b50ad33cdce957ad2

  • SHA1

    82b417d7cc3556b36adc4a2bc6c643135074930f

  • SHA256

    b4328c9a512a95228a73f3c58ed2eafb7c7568270ca8997ebc752279eb4193cc

  • SHA512

    9ada9abea15f3ebca120f70ff813b234aaded3c9da295a4de030df1c1e239d1a942b70b75d04f76ee2e0232294490b7a4e9e1f758974dd00988ccd5a219d2fca

  • SSDEEP

    384:IstSSDQRhH8LZ+Soq7Trl3KgpR9NmVmk9EDY:xSSDkSoq7nFfWV7EDY

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious behavior: LoadsDriver 1 IoCs
  • Suspicious use of WriteProcessMemory 6 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\14671ebddac3211b50ad33cdce957ad2.exe
    "C:\Users\Admin\AppData\Local\Temp\14671ebddac3211b50ad33cdce957ad2.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of WriteProcessMemory
    PID:5076
    • C:\Users\Admin\AppData\Local\Temp\A.PIF
      A.PIF
      2⤵
      • Executes dropped EXE
      PID:4812
    • C:\Windows\SysWOW64\cmd.exe
      cmd /c del "C:\Users\Admin\AppData\Local\Temp\14671ebddac3211b50ad33cdce957ad2.exe"
      2⤵
        PID:4664

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\A.PIF
      Filesize

      6KB

      MD5

      9f405be26aea92be5750c05fe28cb133

      SHA1

      e5c5c5c192475cfdababa9740dee09bb59614d32

      SHA256

      cf13d6b72687004f2bdbbdd3e7c812ed359552e7c93763938f9177e3999d00dd

      SHA512

      ba966105255058a06d65f9d9a3379816beb07cc9919d958926f5214a537eab8266de71ea099606304eab4aa4c74c26136532fd47099bcf22eece3f2472449405

      Download Submit