Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

47b33998ef...6d.exe

windows7-x64

7

47b33998ef...6d.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    140s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    07/01/2024, 01:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    47b33998ef4e57beb34ee2a8f1a6466d.exe

  • Size

    53KB

  • MD5

    47b33998ef4e57beb34ee2a8f1a6466d

  • SHA1

    34cfe59fddf479b8b15a56e2a530141db434e59e

  • SHA256

    c91af1f36a2009b0199b39c296396d0cd4cecad91d7d0e28dfd98de728ad0ea8

  • SHA512

    23d085c01ee68b7cd87a60fea955839dffba051d2a5b6725ac7ca31c295883390a7cbe42bd70ed5dd8c3dc858a15b6b9ee1b53a8f9682e46d29cc805519b1f51

  • SSDEEP

    1536:+NILhgs+xc5PtRDVjO2PT+3t0j4UOmk2jP+:+NIfPPxOdt/pmh+

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • UPX packed file 4 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Drops file in Program Files directory 3 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\47b33998ef4e57beb34ee2a8f1a6466d.exe
    "C:\Users\Admin\AppData\Local\Temp\47b33998ef4e57beb34ee2a8f1a6466d.exe" x
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    PID:2216
  • C:\Users\Admin\AppData\Local\Temp\47b33998ef4e57beb34ee2a8f1a6466d.exe
    "C:\Users\Admin\AppData\Local\Temp\47b33998ef4e57beb34ee2a8f1a6466d.exe"
    1⤵
    • Drops file in Program Files directory
    • Suspicious use of WriteProcessMemory
    PID:2240

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2216-9-0x00000000003C0000-0x00000000003D6000-memory.dmp

    Filesize

    88KB

    Download

  • memory/2216-6-0x0000000000400000-0x0000000000420000-memory.dmp

    Filesize

    128KB

    Download

  • memory/2216-10-0x0000000000400000-0x0000000000420000-memory.dmp

    Filesize

    128KB

    Download

  • memory/2216-11-0x00000000003C0000-0x00000000003D6000-memory.dmp

    Filesize

    88KB

    Download

  • memory/2240-1-0x0000000000400000-0x0000000000420000-memory.dmp

    Filesize

    128KB

    Download

  • memory/2240-4-0x0000000000220000-0x0000000000240000-memory.dmp

    Filesize

    128KB

    Download

  • memory/2240-3-0x0000000000400000-0x0000000000420000-memory.dmp

    Filesize

    128KB

    Download