Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

386c079107...6a.exe

windows7-x64

7

386c079107...6a.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    74s
  • max time network
    37s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    31/12/2023, 13:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    386c079107e01242f4ff32f49c5c1c6a.exe

  • Size

    71KB

  • MD5

    386c079107e01242f4ff32f49c5c1c6a

  • SHA1

    781e163f6478f88fa9c348a5e4a651692fd804e9

  • SHA256

    c139dfe6ba19f52272fc1b2149666ce41eed516d460f6f91079d497fb2f5375d

  • SHA512

    b0d8e1242e481d4f77cff29ede6b128600b10909cf3faa8fc37080cc96bec5900890e6adcd21a1adf6184b98e65f4289c7dd5707b6f8317a63dc609b2fc8b167

  • SSDEEP

    1536:UHs2glCzaPWcAD2Be161tOAdZUv+O8kAzmoScpgfkEfRmGPn8mm7:UHsEzgWcADZa8GM+rzmYpgfaGPn83

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • Modifies registry class 64 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\386c079107e01242f4ff32f49c5c1c6a.exe
    "C:\Users\Admin\AppData\Local\Temp\386c079107e01242f4ff32f49c5c1c6a.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2568
    • C:\Windows\SysWOW64\regsvr32.exe
      regsvr32.exe /s Comdlg32.ocx
      2⤵
      • Loads dropped DLL
      • Modifies registry class
      PID:2528

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\Comdlg32.ocx
    Filesize

    136KB

    MD5

    3ec0a48ed8d8a019175cfa3952ccb3b7

    SHA1

    075ffa431a55a272c2cdfe465ac130ab654ba9e8

    SHA256

    f9ecca1f6718f7ab711e3f675dce438930079ca8649f101fb41a93d85977149d

    SHA512

    0c51c31c0fa9d5b4909a5085bd72881c4e4867f90c0e576d5344b311f4e1d22ed7141ff359e43dcf53e8c84782bc34062c16dab04f63e73487e91b1db4cc33ca

    Download Submit

  • memory/2568-0-0x0000000000400000-0x000000000045A000-memory.dmp

    Filesize

    360KB

    Download

  • memory/2568-3-0x00000000003B0000-0x00000000003B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2568-2-0x0000000000400000-0x000000000045A000-memory.dmp

    Filesize

    360KB

    Download

  • memory/2568-1-0x00000000003B0000-0x00000000003B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2568-10-0x0000000000400000-0x000000000045A000-memory.dmp

    Filesize

    360KB

    Download

  • memory/2568-11-0x00000000003B0000-0x00000000003B1000-memory.dmp

    Filesize

    4KB

    Download