Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2754aaeb9b...1e.exe

windows7-x64

7

2754aaeb9b...1e.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    148s
  • max time network
    144s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    31/12/2023, 04:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2754aaeb9b41b60f8b4a6cda97d4311e.exe

  • Size

    7.2MB

  • MD5

    2754aaeb9b41b60f8b4a6cda97d4311e

  • SHA1

    b5476b60e18cf05f251a0ed0dcd5c6c4a1c00480

  • SHA256

    1820e9e7ce7a071755d97463e7a7d7b66e95a35cb5594cf8389d3efcd0e92023

  • SHA512

    b363a9b62fe8415e4f26e5ac1115804d65c31e03c3d0dbbd1b7e9486540f3709dfaf1c3ece76ad5af1077e621eeb452beafc2ed4b7e7227d79ff736fef099357

  • SSDEEP

    196608:PTzPICsXDjDyf6L2WliXYrHW1LAxyUVSX7/:PPICEDVL2ciIrHWRAxyX

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 15 IoCs
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2754aaeb9b41b60f8b4a6cda97d4311e.exe
    "C:\Users\Admin\AppData\Local\Temp\2754aaeb9b41b60f8b4a6cda97d4311e.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:5044
    • C:\Users\Admin\AppData\Local\Temp\2754aaeb9b41b60f8b4a6cda97d4311e.exe
      "C:\Users\Admin\AppData\Local\Temp\2754aaeb9b41b60f8b4a6cda97d4311e.exe"
      2⤵
      • Loads dropped DLL
      PID:2884

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI50442\VCRUNTIME140.dll
    Filesize

    92KB

    MD5

    4dc5b7a87d1a9b2155ae150e26b2ccd1

    SHA1

    9896d24967034e3695c1fa176d477f2086487a78

    SHA256

    4b9341bded3a65bd58736073e5f2857cf79d0f7b335b4804d165396b6f531cab

    SHA512

    479cef26c097699f46ac4e7447eb45a9098282ea767420cebf06afe23890390fe7d98ca08763b7457244326de1308f9cf7f4f9fff2ee1e932975693da9e0d6d3

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI50442\python39.dll
    Filesize

    92KB

    MD5

    110b1201f6573436ccbb4d7d7eefb111

    SHA1

    3a1ef365c5a78ab83bb35213ea3180e2d101a8a3

    SHA256

    0df4c8ef7faafba3a3bc6f684760499d10eb1240da0366fdad857f16a9632e7b

    SHA512

    f4689b986e63b7fd12e8838c2a9b338e6089611e4c49e51e807ca032c6a7bad7058b7752e40bd55e56e1b5d81910a75cb888f906273a9668156baaae5393b3d6

    Download Submit