Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

f74a126ba4...3f.exe

windows7-x64

7

f74a126ba4...3f.exe

windows10-2004-x64

7

electron.pyc

windows7-x64

3

electron.pyc

windows10-2004-x64

3

Analysis

  • max time kernel
    117s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    01/01/2024, 15:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f74a126ba4569255303a09f0d338d13c845f55d1887e343b32b7b35ff47d183f.exe

  • Size

    26.8MB

  • MD5

    b600b348eb3a8d08bc8821a6078551b9

  • SHA1

    2d8471f3f4c25b01dab7e51b5a36c2d9f377097a

  • SHA256

    f74a126ba4569255303a09f0d338d13c845f55d1887e343b32b7b35ff47d183f

  • SHA512

    06fb408924c587e02f3154786e1fd4952428e35bffa8770184d77331b6b668d95119095a6c557c6cf0e3aa1423f8892b94de5986053eadfef3e034bcb4d9a6da

  • SSDEEP

    393216:viDna3FQtsTLHr7M5li8k3mePcGfd0NYMP26Ywg6lCOdrn:vi21QtsPL7M5lDa55F0NYYWYn

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f74a126ba4569255303a09f0d338d13c845f55d1887e343b32b7b35ff47d183f.exe
    "C:\Users\Admin\AppData\Local\Temp\f74a126ba4569255303a09f0d338d13c845f55d1887e343b32b7b35ff47d183f.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2948
    • C:\Users\Admin\AppData\Local\Temp\f74a126ba4569255303a09f0d338d13c845f55d1887e343b32b7b35ff47d183f.exe
      "C:\Users\Admin\AppData\Local\Temp\f74a126ba4569255303a09f0d338d13c845f55d1887e343b32b7b35ff47d183f.exe"
      2⤵
      • Loads dropped DLL
      PID:2512

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI29482\python311.dll
    Filesize

    3.1MB

    MD5

    1f2f1be4b2ded79eb8d5d9e89c94d7a4

    SHA1

    ad6e18775536a79f551cd91ecb2d9232d63ec044

    SHA256

    0bbbedd574235e4b70ff4da5a462a54e344e91fba061afe3dd37054f27c51278

    SHA512

    4c8387ec25f156bf002dba51856bd24060a47707409466d8c87ce30914050cae05ced405a96ae794c8e3c6f10b73eccb86f95881937faf489f8ca41cc44658ba

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI29482\python311.dll
    Filesize

    4.1MB

    MD5

    e65cf7f4a9d839c62350798a21ec5949

    SHA1

    d48fe47b46c6a966a98dea8819d46bd599ca0db0

    SHA256

    f7a6986f21b82293bab304378171b8cb0096763c03374586ba88c0f060cd8972

    SHA512

    4706b50f44d4b28b36ea81e1de5a5bd673a905c44cc5d60470267a5d3d1304fd6d228d36a699ec3693adc1664905423088ad03ebad090d6e116270d62442b025

    Download Submit