Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

411c0dac75...a0.exe

windows7-x64

7

411c0dac75...a0.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    7s
  • max time network
    42s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    04/01/2024, 14:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    411c0dac755c75716225dc491f202da0.exe

  • Size

    841KB

  • MD5

    411c0dac755c75716225dc491f202da0

  • SHA1

    7c315b9956a7830b1309afc7aa546851757ceb59

  • SHA256

    feb58133510297f098e0da758df1e76b43166a12be82e6fc033b227de739d315

  • SHA512

    6031e562f31a058ca8fc33a0288a796b93d1cf590a92cd121b8edb859ecc330ab131b62c76f1665b5b3f15c39693a8644d496d6c76d8c30aab1e2819858ba033

  • SSDEEP

    24576:goKPe7+9c1zVF6EvkCS05iQksiQrGR0ST:goKPENBVMEv9D5zxrGRb

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 3 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\411c0dac755c75716225dc491f202da0.exe
    "C:\Users\Admin\AppData\Local\Temp\411c0dac755c75716225dc491f202da0.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2844
    • C:\Users\Admin\AppData\Local\Temp\INSED6B.tmp
      C:\Users\Admin\AppData\Local\Temp\INSED6B.tmp /SL3 $E0154 C:\Users\Admin\AppData\Local\Temp\411c0dac755c75716225dc491f202da0.exe 846233 849576 61440
      2⤵
      • Executes dropped EXE
      • Loads dropped DLL
      PID:2728

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\INSED6B.tmp
    Filesize

    92KB

    MD5

    395b006f854860d12decfb03985f7827

    SHA1

    723184eb72f15595f06068eff272d21e5d4aa243

    SHA256

    48a805a3bebdc99d85bb544eebe34149150553d42ec14fb969f4389280b515f2

    SHA512

    70b440c05a4d5ac0a6b7f42f9198e0265ae93a4958ce8a343d538ee3b873250d4bcb692260c60445a73fad3bda671b846960e96f192957a4f23758f07b668236

    Download Submit

  • memory/2728-12-0x0000000000400000-0x000000000046B000-memory.dmp

    Filesize

    428KB

    Download

  • memory/2844-11-0x0000000000400000-0x0000000000417000-memory.dmp

    Filesize

    92KB

    Download