Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2754aaeb9b...1e.exe

windows7-x64

7

2754aaeb9b...1e.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    119s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    31/12/2023, 04:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2754aaeb9b41b60f8b4a6cda97d4311e.exe

  • Size

    7.2MB

  • MD5

    2754aaeb9b41b60f8b4a6cda97d4311e

  • SHA1

    b5476b60e18cf05f251a0ed0dcd5c6c4a1c00480

  • SHA256

    1820e9e7ce7a071755d97463e7a7d7b66e95a35cb5594cf8389d3efcd0e92023

  • SHA512

    b363a9b62fe8415e4f26e5ac1115804d65c31e03c3d0dbbd1b7e9486540f3709dfaf1c3ece76ad5af1077e621eeb452beafc2ed4b7e7227d79ff736fef099357

  • SSDEEP

    196608:PTzPICsXDjDyf6L2WliXYrHW1LAxyUVSX7/:PPICEDVL2ciIrHWRAxyX

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2754aaeb9b41b60f8b4a6cda97d4311e.exe
    "C:\Users\Admin\AppData\Local\Temp\2754aaeb9b41b60f8b4a6cda97d4311e.exe"
    1⤵
    • Loads dropped DLL
    PID:2744
  • C:\Users\Admin\AppData\Local\Temp\2754aaeb9b41b60f8b4a6cda97d4311e.exe
    "C:\Users\Admin\AppData\Local\Temp\2754aaeb9b41b60f8b4a6cda97d4311e.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2364

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI23642\python39.dll
    Filesize

    92KB

    MD5

    110b1201f6573436ccbb4d7d7eefb111

    SHA1

    3a1ef365c5a78ab83bb35213ea3180e2d101a8a3

    SHA256

    0df4c8ef7faafba3a3bc6f684760499d10eb1240da0366fdad857f16a9632e7b

    SHA512

    f4689b986e63b7fd12e8838c2a9b338e6089611e4c49e51e807ca032c6a7bad7058b7752e40bd55e56e1b5d81910a75cb888f906273a9668156baaae5393b3d6

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI23642\python39.dll
    Filesize

    382KB

    MD5

    b147f86c06a54cb00766cbfc0b768765

    SHA1

    e2c12308e95ec5c410ab3b89036038e723f4fc79

    SHA256

    d7a873e9033b590e528b0486dcb4002fd6689d9f1a186bf5f45521f4e84e00bb

    SHA512

    c2269137141a6aed380bc8a16e42f078a34cc7d5cb248d74b9487022fc958812a8644d943729bdb723d9ce13cc3ac69291cceebef3765372b021884cf259ea4f

    Download Submit