Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

18cdc69a86...6a.exe

windows7-x64

7

18cdc69a86...6a.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    140s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    30/12/2023, 12:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    18cdc69a863bea01201639c75a10b86a.exe

  • Size

    86KB

  • MD5

    18cdc69a863bea01201639c75a10b86a

  • SHA1

    2101fc7146296600f0ed6bbe84bfff21b47bd846

  • SHA256

    d0a90ec662a022223c6ac1d9837e0310501d472ca54c840a1bba4c6934976432

  • SHA512

    9e6b1150ca6bd64cf83464bef475a6fb8ed6bf8fb735b1d478a356d903c123b5ed3830585c9ada8c35071c9bd8d96fe83750248629625d56a8fbb073ddd93f6f

  • SSDEEP

    1536:S5/bPR3AB78pZxtb0x9GMlxdBxvooFiJJxemPKFKty83tnSrmrSgZzeQSQz:SNP1AB78pr6OMlpx3FCPPrvtnSySgteg

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Drops file in Windows directory 2 IoCs
  • Modifies registry class 5 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\18cdc69a863bea01201639c75a10b86a.exe
    "C:\Users\Admin\AppData\Local\Temp\18cdc69a863bea01201639c75a10b86a.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Windows directory
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:2028

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Windows\Help\F3C74E3FA248.dll
    Filesize

    69KB

    MD5

    82b40f113b6a7fff853c2335487cfa00

    SHA1

    adf1f67c68c14d7588d791415f3b91aeb6f3b173

    SHA256

    58d62dab8b73741c000a1348a6f7172dbd904d8fc581ab47a4b814fbbb22f66a

    SHA512

    adbae524b3bc7b4deee329e61ea5fc41c7567dd2dc1b2384eaea5c981bed75016e203d046ac266ea3094391c24d2a56add444f28da039a58cb1de8d5226e1b98

    Download Submit

  • memory/2028-0-0x0000000000400000-0x0000000000452000-memory.dmp

    Filesize

    328KB

    Download

  • memory/2028-6-0x0000000000220000-0x0000000000269000-memory.dmp

    Filesize

    292KB

    Download

  • memory/2028-7-0x0000000000220000-0x0000000000269000-memory.dmp

    Filesize

    292KB

    Download

  • memory/2028-9-0x0000000000220000-0x0000000000269000-memory.dmp

    Filesize

    292KB

    Download

  • memory/2028-8-0x0000000000400000-0x0000000000452000-memory.dmp

    Filesize

    328KB

    Download