Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

454701206c...31.exe

windows7-x64

7

454701206c...31.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    06/01/2024, 04:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    454701206c7cb270ec5736814e372631.exe

  • Size

    1.5MB

  • MD5

    454701206c7cb270ec5736814e372631

  • SHA1

    ddc972a4eddf0138dedf5649c0c7205e4506355d

  • SHA256

    e9f5d383cc4bfdc01233e4f54a12cdc52d37b870da0d98628fec832ff215b057

  • SHA512

    27934b55442da5789717ec3afa7c92268c511c00d8135492cb4211413b36e509d114169a5e9f46c1b001eba90b154f4f824a51aae6179949c27a25e0bec4a4c1

  • SSDEEP

    49152:lrq0R07QQmRr7g+zAivrHDoDNAj886vx/:hq0+7uPg+zAEDnw86F

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\79F.tmp
    "C:\Users\Admin\AppData\Local\Temp\79F.tmp" --pingC:\Users\Admin\AppData\Local\Temp\454701206c7cb270ec5736814e372631.exe 69C4F19CBB34D0A81144CC04C5833D3E78C0FB68C0972EC5FC31C06D9CAE0313010842D93B613174DD59E6F2BE39EB741EB52E57CD61E8367DA54B1303ED92F7
    1⤵
    • Deletes itself
    • Executes dropped EXE
    PID:2412
  • C:\Users\Admin\AppData\Local\Temp\454701206c7cb270ec5736814e372631.exe
    "C:\Users\Admin\AppData\Local\Temp\454701206c7cb270ec5736814e372631.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2848

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2412-9-0x0000000000FB0000-0x000000000117E000-memory.dmp

    Filesize

    1.8MB

    Download

  • memory/2412-10-0x00000000000F0000-0x000000000016A000-memory.dmp

    Filesize

    488KB

    Download

  • memory/2848-2-0x00000000003E0000-0x000000000045A000-memory.dmp

    Filesize

    488KB

    Download

  • memory/2848-0-0x0000000000CB0000-0x0000000000E7E000-memory.dmp

    Filesize

    1.8MB

    Download

  • memory/2848-8-0x00000000003E0000-0x000000000045A000-memory.dmp

    Filesize

    488KB

    Download