Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

244d28a97d...01.exe

windows7-x64

7

244d28a97d...01.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    15s
  • max time network
    102s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    31/12/2023, 02:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    244d28a97dd03a3e17adfec1dbaecf01.exe

  • Size

    227KB

  • MD5

    244d28a97dd03a3e17adfec1dbaecf01

  • SHA1

    8eac0306d8bd63e358d213fc4404c814433750ba

  • SHA256

    2129cdb0252b7d3a6f6d7610d5b260a87379dce04e19c737fe362a950ad79dff

  • SHA512

    a423fbde6d18b28616bdee0abb9b96e22cd0bb23b44cef07b94e2ce85d94cd6f4f03a66a806d58304bafa57c71138de762982a7c4613b492fd3add901c1c99fa

  • SSDEEP

    6144:RifApVMqplDf/h5O/lBC8+2hyDRlX7llrnz2P4t8oSRVJ7:sfk6kDqHw2hmxlrz2HoSRL

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 3 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\244d28a97dd03a3e17adfec1dbaecf01.exe
    "C:\Users\Admin\AppData\Local\Temp\244d28a97dd03a3e17adfec1dbaecf01.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:556
    • C:\Windows\SysWOW64\cscript.exe
      cscript //NoLogo C:\Users\Admin\AppData\Local\Temp\hd.vbs
      2⤵
        PID:720
      • C:\Users\Admin\AppData\Local\Temp\244D28~1.EXE
        "C:\Users\Admin\AppData\Local\Temp\244D28~1.EXE" /asService /logPath "C:\Users\Admin\AppData\Local\Temp\ZonaInstall.log"
        2⤵
          PID:1232

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\Users\Admin\AppData\Local\Temp\ZonaInstall.log
        Filesize

        8KB

        MD5

        dff36ecd60b33dcaecf69de65226defe

        SHA1

        4c941c9f3bb884a4f87af90b908ad03b4cd58070

        SHA256

        4d68d433f7bca55d3718d5425172bce2eae9b52c671397818be77ad52ff69e0f

        SHA512

        5548273532b03c73b8fff38d1f27fef8a3917f54ff6755f55dbe702573ef7d51dd02de1682c8b7d4561b64dff795b81e582827b450c55da80bf4cc5f03a0ef4e

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\ZonaInstall.log
        Filesize

        9KB

        MD5

        3f1e95b706e017edc8a016cbacdcfc0c

        SHA1

        c3f7e7ee689c5c5afffddb367d03b62da40c8c90

        SHA256

        7750ea9492dab26ac718dbf896ab0dabe5f2c1458c563cd6da08c8d1ecabe5fb

        SHA512

        9ee4e16f383f2790cc41f014cfbfec77606731cb08cc56964bad8a129a7009defc4528fc9b0a19a7631aaa6c66b954d2ab42edae95e32fa89dd4e6a375236e93

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\ZonaInstall.log
        Filesize

        9KB

        MD5

        66838da8d20369d3d32b51d82ceb90cb

        SHA1

        821ef3e0e63b745b97a471056fa5cea59fa0e9e7

        SHA256

        94791fa763b0e7957af9fecf90efb85bda397a9e1143f0a25db94c2050faf244

        SHA512

        853498a1803a413c7eb3a3dba19fd1a4d21c8a73236d08d8e283f37169453f34f8586a7a6fb7d40605cb1c1489c200a7ddca09f8e99d02a1d5435069a15ba108

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\ZonaInstall.log
        Filesize

        10KB

        MD5

        14e29401957299825b5affdebfaed80f

        SHA1

        4f8a7db1e3342f8c372288ce471d86a6e29cee0b

        SHA256

        f76683e696186c13afc682ca8b80a6246008b6811b4b935ffd909e7a549db68b

        SHA512

        68e3c087815fe301cddf2f7906068dab47d6b14923f2d141b39227c8e47ab25dc5a27f3c2c79fbdeb34563cb982fc20df9125717d4efd5d4841994e437aaf4b7

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\ZonaInstall.log
        Filesize

        10KB

        MD5

        c68f89335066fb10fcb9cef1242fa1b8

        SHA1

        f8a4571e842d7eb33b31eaf3508d67fe3a78e40f

        SHA256

        e7dab85cbefbb339b78aa09b9ada84356418ff8086d6ac4e36c131a8c0e6d218

        SHA512

        d5cf3151aaf8767ac159f315cfbafb9eaeeca7393185254ee073f12a3141ffbae5ab7c8c43990180d9d67c19ab1f3abf1808c4afbd862459b431525bbb7774ed

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\ZonaInstall.log
        Filesize

        11KB

        MD5

        b87587d7699cfc70ee8c74341aa8a7b9

        SHA1

        36894c598ca64b678d4915fefad2363972f96421

        SHA256

        003493cac6bf415690eda1c0491df6d6a0344f536f639f53b0c36588ac03636f

        SHA512

        96376790f9e0e088ecbfcfa130c0d66b74997045ed4cf0c2c16722c965d7e619a884dce313a818cc816fe3bdc636b8b9b42df6cd16e8ec656f68fd0135ea0309

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\ZonaInstall.log
        Filesize

        1KB

        MD5

        b3a509c75447fba38c8c451f4b7db24f

        SHA1

        1e46f4d71698bc0e9b8e6fee75b8921b15d2a017

        SHA256

        195ce9d7bbad3462257b79903b7eefb27abd8c8d54214b9dcdc0597af7708ac5

        SHA512

        68104107ae866f1a559f9c96029fa2fd953460338ce4ca2abaf8503a302efc04856536c2c0832bbc0c5b78418322b9b06ea4ca2b861a43099c79d0dbe73252e5

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\ZonaInstall.log
        Filesize

        12KB

        MD5

        f038f00cdb050159986aa1a4d8f0f79d

        SHA1

        db74c4a58ca10058c344aeea71ad4af9aab753e3

        SHA256

        59f17412b9eb5870895fc062037bf9d25c226a7a4b7fa10d4eca67b76729f895

        SHA512

        faa22a9cadc3486b0a3042114dacf765edcab1815ffbd592351a1e49cf0fd59b3324350cef200c6d128627a30fc54a7bab6df7b210810ecfdf1bf567a4032395

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\ZonaInstall.log
        Filesize

        13KB

        MD5

        8ae11be2c45ccc8b683289e6f5baffb1

        SHA1

        0947b976f341ad9da85f0487b6bef61cbca9d9e6

        SHA256

        9d830ecd00d7298f77657e4ce669d0e1033a0fd89642cd9f22da84a06091dc71

        SHA512

        49c6457fac74198718855afbcfbc06a20ca3e05a3a4c5985421a358580b281babc857e53b141c134fa949bf76aecf58e3dfddb88b3d47ece6643a866ff45cc8b

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\ZonaInstall.log
        Filesize

        14KB

        MD5

        a6d5cd8af1363e78e4c1215fe3f6023a

        SHA1

        e8e05afd6177c842526935bf6753693cfc8b0c13

        SHA256

        a20cf2770004bc0a7b55856bc3616b7b1e3092e4b1263887840904a6c3db4ed8

        SHA512

        0ec844b7de51665fc5567933596bc5520d9ccdbfb4c460f74fcc1e169341ce04ba648199c3379a88cc2ba0e2c2b1fadc3724e77344761fdcd11c23d16e0fecec

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\ZonaInstall.log
        Filesize

        1KB

        MD5

        adea69d47278bbdbd3bd2fe3dc4b32ab

        SHA1

        e0e3f685a5330834a163a95da396cf111e13551c

        SHA256

        243adb6104ab77d66f32b0bd60d699006a61d42f48c12e5f781cd71c246b2985

        SHA512

        a088b38771a5972fa35938e4457a457c25e1da479272e9cefa28c08379a3cb865ea60e90746608e9478f04cf25ae6277f9e482d5bb0adf2548f278525dfbddd4

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\ZonaInstall.log
        Filesize

        5KB

        MD5

        68075401c021564adc679728b842b61c

        SHA1

        39185a2cdc6b300151fd303585264df16c2b7aa2

        SHA256

        fa697e5bf499a8d1cdd28021625d49acd4b0387eefba345a88c5cb5b2b0f1cfd

        SHA512

        658dc0f22cc6aa1405f705b6c611de31b0fcd4aea801b28e521fc5532571a0b1bde15658e78db7c31d5e166b1e982276385da5e4132adaffbc93b33b761fd789

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\ZonaInstall.log
        Filesize

        6KB

        MD5

        e8150d3babca49552f219c145521232a

        SHA1

        2c984f2b24fd642992f94096c4cb22659674c8d0

        SHA256

        0a552f55ceeca9674c3005f4e361e7c3325b97c38fa948200208fd6d3173884f

        SHA512

        311c3f74a835d9ffcf285c5f3b77689864f19c631d1865dc28bd743a3a6a996092f86bde12531ad54e9bbb0f887dedad0d9fc42e44b2245b17ea08b428c90013

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\ZonaInstall.log
        Filesize

        6KB

        MD5

        892dc8cdf34a19723e4cb41da1c84e09

        SHA1

        9e1b5214b7b4592b5ef99b07c73f098343c74617

        SHA256

        6f7821c87fb732071cf50270c6b98f054de01b181ee9d3f33d78727741fb0c82

        SHA512

        fad266446f31194058cc818c0cfa349073f9f6cc5597da66c7188cf79cf962eb49c13839c21473d01c2943ec704ce446876cc96bb2012e7c167681e1bc110205

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\hd.vbs
        Filesize

        245B

        MD5

        d8682d715a652f994dca50509fd09669

        SHA1

        bb03cf242964028b5d9183812ed8b04de9d55c6e

        SHA256

        4bd3521fb2b5c48fe318a874bf64c6b1f62f5212b8c88790006cafaf31d207ba

        SHA512

        eaa39d87002df1eea16b215c9f099731253b7af72e46b12f64423874dbcdd8f68a164d7641bafb3f854aa6ad8aa7269da59ed0b32cd41eccba5d6f296f9a52ca

        Download Submit

      • C:\Users\Admin\AppData\Roaming\Zona\tmp\133489030601561423javaSetup.exe
        Filesize

        153B

        MD5

        a53e183b2c571a68b246ad570b76da19

        SHA1

        7eac95d26ba1e92a3b4d6fd47ee057f00274ac13

        SHA256

        29574dc19a017adc4a026deb6d9a90708110eafe9a6acdc6496317382f9a4dc7

        SHA512

        1ca8f70acd82a194984a248a15541e0d2c75e052e00fc43c1c6b6682941dad6ce4b6c2cab4833e208e79f3546758c30857d1d4a3b05d8e571f0ce7a3a5b357be

        Download Submit

      • memory/556-97-0x0000000000830000-0x00000000008CE000-memory.dmp

        Filesize

        632KB

        Download

      • memory/556-0-0x0000000000830000-0x00000000008CE000-memory.dmp

        Filesize

        632KB

        Download

      • memory/1232-138-0x0000000000830000-0x00000000008CE000-memory.dmp

        Filesize

        632KB

        Download