Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

4032f2e420...e1.exe

windows7-x64

7

4032f2e420...e1.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    04/01/2024, 06:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4032f2e4206f5ea90569b37172935de1.exe

  • Size

    38KB

  • MD5

    4032f2e4206f5ea90569b37172935de1

  • SHA1

    5bf37f8e0cbaf02b575c5a6fda7807d3dba96480

  • SHA256

    243222098a4a5e95a520b957e39c4b293cdad3b5b0d9fd6ef30803616e0659ab

  • SHA512

    123a56765aa925bda77000e0e5ef49487f7264a0d1a8c5244a3cfc4a37bf7e12d23c9938e437be708e8233f8fcfa145161ebeeaa81d0dc18b1f7a4c89ec6691d

  • SSDEEP

    768:oj4XZ/xzcFu6bw+JpWCR9Pv7vWC+AwaCG241zw7nbcuyD7UM:ocJ/x4jbvz/be8r1zWnouy8

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\4032f2e4206f5ea90569b37172935de1.exe
    "C:\Users\Admin\AppData\Local\Temp\4032f2e4206f5ea90569b37172935de1.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2444
    • C:\Windows\SysWOW64\cmd.exe
      cmd.exe /c ""C:\Users\Admin\AppData\Local\Temp\\uninstf7616db.bat" "C:\Users\Admin\AppData\Local\Temp\4032f2e4206f5ea90569b37172935de1.exe""
      2⤵
      • Deletes itself
      PID:3024

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\uninstf7616db.bat
    Filesize

    59B

    MD5

    2988b921fbed03f9c93c5d538932bbe3

    SHA1

    4b791b3d59ae76ff091c2cf201b40f5d1b432a3f

    SHA256

    a1769979622d3d25829be12474ad32ccfdfcac59785dac2fc10ae49c300e4ea3

    SHA512

    2920c6e9851973371dc238da1ee3c63d41c7820637856ee92c67e9489c1790e3fad287d229440d124e60b978f6819d04b47c40de9034cbd9de422aaafc2b07f9

    Download Submit

  • memory/2444-0-0x0000000000400000-0x0000000000411000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2444-2-0x0000000000400000-0x0000000000411000-memory.dmp

    Filesize

    68KB

    Download