Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

260e139956...02.exe

windows7-x64

7

260e139956...02.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    147s
  • max time network
    145s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    31/12/2023, 03:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    260e1399561c2ad320b8a3df089bfe02.exe

  • Size

    1.9MB

  • MD5

    260e1399561c2ad320b8a3df089bfe02

  • SHA1

    b3a502d0a7553736d158a8a19d51b0489f949543

  • SHA256

    a4ef869063b73c783dc03b6e40b14cfa7eacf69e179c72c00f8739c2381e682a

  • SHA512

    07b15aac0fec899baeb12cc3ae7519a06537ea346c71d58a4e8842f5ed70e88fd79942c9318dc4a1df597fcb651436a56bf1615fba6496248503ffb1b7486889

  • SSDEEP

    49152:Qoa1taC070dfA4F0GLrHClKLlCbVFl7NsTbU:Qoa1taC0B4BLTwLlB+U

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\260e1399561c2ad320b8a3df089bfe02.exe
    "C:\Users\Admin\AppData\Local\Temp\260e1399561c2ad320b8a3df089bfe02.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4364
    • C:\Users\Admin\AppData\Local\Temp\D031.tmp
      "C:\Users\Admin\AppData\Local\Temp\D031.tmp" --splashC:\Users\Admin\AppData\Local\Temp\260e1399561c2ad320b8a3df089bfe02.exe 5A241CD25FE5C0C1828479CEB50C5D7239007DC31E5E5330F2D3A3AB4071BBB482AD3E3A941203E8DEDDF80FBE3B32EC088F3D891ADEB66336CA5AF61AF342AC
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:3940

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\D031.tmp
    Filesize

    365KB

    MD5

    bf2e7b7b3420eb49a16c351d8675b717

    SHA1

    bfc8a66e6333a2f98143005dd9e20abc74849c4f

    SHA256

    b2d314f0fd6e7a060f8518f3ef3bed2fa3b1758d415c30b289c4dd21a24df3c3

    SHA512

    3177ecb663fc1263b98d1e4295289e0974942e4b24e150399ec77ae940253778c7dc93b2a4f73bb2a59748f3ad2d3b072806f75eb6e0cef2c81982f2eae3bb3e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\D031.tmp
    Filesize

    327KB

    MD5

    6b896611848742b35a898332c852dbbf

    SHA1

    90151d3eb3e0bdff2b2938111487d70d1a75b85f

    SHA256

    53b95a8c864f90bf96dd3f0ca2034b7a2a3cb8efc92199499d58a032312c35cf

    SHA512

    8f0424d5234763686c2b59ecd52263405f78804c27ad227dc029e86da5bac8ccfd36b62c228dcba06aaec1518cae2e92a41c6863edb9c03d32c1ea9180d77d7d

    Download Submit

  • memory/3940-5-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download

  • memory/4364-0-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download