Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

Creal.exe

windows7-x64

7

Creal.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    05/01/2024, 13:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Creal.exe

  • Size

    13.2MB

  • MD5

    bec3815764e313618da5a64890926a4b

  • SHA1

    2cfc144aa32f51527493b5639da47646b656ef0b

  • SHA256

    5c215f76ad1d1bee14572365b54bd43d3da825f2cc7aa8e90c2a76c865bcf731

  • SHA512

    fb779e91786efd4ed9c6bd84cd38e2f4351ac1cad550fe7ad04734f9d9c0f26cb9f80222840369b14027689e04a5fedd99fbf1dd9572d9e79dab2426d811a94e

  • SSDEEP

    393216:/XGD2nwW+eGQRIMTozGxu8C0ibfz6e57g1bmXiWCUI:/2DawW+e5R5oztZ026e5WFVUI

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Creal.exe
    "C:\Users\Admin\AppData\Local\Temp\Creal.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2432
    • C:\Users\Admin\AppData\Local\Temp\Creal.exe
      "C:\Users\Admin\AppData\Local\Temp\Creal.exe"
      2⤵
      • Loads dropped DLL
      PID:2524

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI24322\python312.dll
    Filesize

    244KB

    MD5

    15f570bc438b4dde115d3f506b4c0dce

    SHA1

    3fbdb97fa2335377d3dc608f083363dd7ad67ae5

    SHA256

    4ed0fbdbc9c0959a98c4b82b5d42683c930d824ca4848bbcd683cfabe855b52a

    SHA512

    b960ce224eedc71ae222a4279d71648353febd50c6a5bcc6bd875139043bf99caefcf1186fe35fc5123c47a6b9d2edfb6f2e9fe1d46d6a021fb059f08b92d101

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI24322\python312.dll
    Filesize

    137KB

    MD5

    8e1eb6168ccd6fad42ba5f2dcea2be90

    SHA1

    f14c670a6fca1ee6c41c147fe3fbede5b0371f1f

    SHA256

    dea1369801620bcd929a2282ef11f27629a114b6d1f587f90984586316483fcc

    SHA512

    6e19d8a4884d57dc53a1bcd7b31fa5a7acec5197593a1bd66c0a807b1a54b40ebcdf9cd78d9c8eb3d110c0287d0bee98a2424ee5fad2cec090f25a8480830f4e

    Download Submit