Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

4c0b3b68cb...96.exe

windows7-x64

7

4c0b3b68cb...96.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    155s
  • max time network
    180s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    08/01/2024, 17:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4c0b3b68cbf718273aceb51e40f34496.exe

  • Size

    6.9MB

  • MD5

    4c0b3b68cbf718273aceb51e40f34496

  • SHA1

    1be9e0101364b4a45be7c638693df28761a44543

  • SHA256

    9059c9a083bfb14cee123d6377bdd409cc00a022536385c9e491b067c64e9de6

  • SHA512

    d7d42ad219edb76225fab98656845f5f0048da9f49b1c9e2624c34a314c81918ef1a49e69ac81d6d33ff9e135976c1686016e46721dddabef27d20ad6c28c6ce

  • SSDEEP

    98304:C+8SA1D491b+sX1ZvbeAyJZlQ9UeNnhXH6MGjrr4xccIv3V4LHnT68:C+S1M91CsXDjDyfO9/r6MGE6j/4HTl

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 16 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\4c0b3b68cbf718273aceb51e40f34496.exe
    "C:\Users\Admin\AppData\Local\Temp\4c0b3b68cbf718273aceb51e40f34496.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3108
    • C:\Users\Admin\AppData\Local\Temp\4c0b3b68cbf718273aceb51e40f34496.exe
      "C:\Users\Admin\AppData\Local\Temp\4c0b3b68cbf718273aceb51e40f34496.exe"
      2⤵
      • Loads dropped DLL
      • Suspicious use of SetWindowsHookEx
      PID:460

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI31082\VCRUNTIME140.dll
    Filesize

    93KB

    MD5

    ade7aac069131f54e4294f722c17a412

    SHA1

    fede04724bdd280dae2c3ce04db0fe5f6e54988d

    SHA256

    92d50f7c4055718812cd3d823aa2821d6718eb55d2ab2bac55c2e47260c25a76

    SHA512

    76a810a41eb739fba2b4c437ed72eda400e71e3089f24c79bdabcb8aab0148d80bd6823849e5392140f423addb7613f0fc83895b9c01e85888d774e0596fc048

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI31082\_bz2.pyd
    Filesize

    84KB

    MD5

    fb4cc31572e87bd27235e79cbe809066

    SHA1

    4264836c0e096bd68c110a27743c7425c49c7627

    SHA256

    fd230c44ced7358a549dfeabd5b7acd0cab94c66cd9b55778c94e3f6ed540854

    SHA512

    64c5a61da120ec12cde621e9e0a5c7c2d4e9631cc5826e6f9ca083d7782c74a8a606e0572d7f268fb99d5c8c30b60a9cf4e9b9a222c4ad1876bdda40bf36d992

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI31082\_cffi_backend.cp39-win_amd64.pyd
    Filesize

    178KB

    MD5

    8fad23c4023a62718ab512b31a58baa0

    SHA1

    3539b76e7cec9b73492f5c588fc80c424918eb82

    SHA256

    5dbadae6fff1fbfcac1937d3f0d38a75fe61ce2968240193f3ebd35d00e41ea9

    SHA512

    d02bfddf9b21e474eb1b43d338ff14e573f6639a67c4f9d8ca5d2b53edf13317107f42e660c3596d91650dbbff6863e12ee17c459c26aa4a0da708d6a80dab53

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI31082\_ctypes.pyd
    Filesize

    124KB

    MD5

    3acd4d8d1ea5deaac665f8be294b827f

    SHA1

    0b185ca6badb44148db3eaa03daeddfa472d8b31

    SHA256

    64725476a8f97309215b04d38071941bf8ceaf0534fcca081cbf8e1da31f3b53

    SHA512

    2535363b6c1035fb9f8a7da9b4e82a769540933a3e0a0ab20f1ead389f679c76901c887567a413926fd728f37f4d3710ecae634adb4649477e05f413efa2a549

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI31082\_hashlib.pyd
    Filesize

    64KB

    MD5

    b8c0bd956fdcd86a3fd717a2c1442812

    SHA1

    15126e64b4530c0d6533b0b58e38901d571599f1

    SHA256

    9d79786650e7a7eaf028d2b79481fc5675afa6309eee4f7857553818e35dd54b

    SHA512

    010bcb89bb4387122651f6aa25a54e3e06d233318aed3fbd0e071efe265386dbd1260081983fc6f9a91107b84765ed08e7795af73f2acfc2fd6029c2048c3d59

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI31082\_lzma.pyd
    Filesize

    159KB

    MD5

    6ee5579d3fe9a03d3fe486ee66f1ced5

    SHA1

    7649fe4d67977c2b18439dfc420c1deafbb0d412

    SHA256

    f7ce997cf23a8e6e79f342aec5c9c7a8f45d9280941bf2986723bc220ed3e094

    SHA512

    6cd6e9077e73ff8ff83b6928758fa08dbb4aefd73a29f7bde9cfcad3535311dfdefbc082f1311bf6bc526ce57ccd6d9ebdedd11ffae18c1697aa8ea24005a092

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI31082\_queue.pyd
    Filesize

    28KB

    MD5

    08adb231f61035263e16061a0d6664f6

    SHA1

    908d7b62dc190ec055d705271b663875971bb85a

    SHA256

    a4322f5223dc220adfc9191306512a8303776329a1aab65f9930a90f9b524824

    SHA512

    49fe85f5aba99eb996c60227c1cb81be7f0a835e3a88fca1ef642459030267adb16660012f8fd2a11cfc79f22577d94bb747e7a146b636b5855f0f66f66f4dca

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI31082\_socket.pyd
    Filesize

    78KB

    MD5

    7f3066232da4d43420d8a3f6a3024b75

    SHA1

    7feb1633a185f5a814b4c61553531ce9ad08e1b7

    SHA256

    2561a4f41702d23045c19827925c59d42acc2e167bc9ae53f0eac3ed2d18e4e5

    SHA512

    cecfaa538af8337d6ba34fc0d11c293b7851c4cbc83a8fe47937093154833be1ef322bc9b574baf0f41a47a1dc6fc0d465275ee8cd90fb36337bd9ad22663512

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI31082\_sounddevice_data\portaudio-binaries\libportaudio64bit.dll
    Filesize

    359KB

    MD5

    c36f304df9baf0ee2b88c8d8ec7b6776

    SHA1

    7f6a6837ecbd3cd2619eda820ca1d63ce8ffd4b5

    SHA256

    a5554a4e963cb8e332aef9fed4591a3021c296b7923f9b8c22ff6060e651dc1d

    SHA512

    b9a330c2d633265287014e8ef6ea32b48289b2cb9ece4ece1713e0af890a09e710fd2f2c49294f73617bb94f199c2b3590c0829cdc39a77c31de94ac3bb7bea3

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI31082\_ssl.pyd
    Filesize

    150KB

    MD5

    c3b612d5d1627e3a5d2617021e40ee4c

    SHA1

    738177b18736fb83430508832c2d7ab50e2732a4

    SHA256

    a9784768c1f41a8941ed30afeeeb42433154f91bd6e4c425bf8bb78d8cc70c61

    SHA512

    515d5a1ae422ad4eaae28144eea45c1d6d1faba3838a21579256ea781e1cdfeb954e33192fa1139f8873d11d05486760608571ebf9c0b16344b6eb0e21a89aca

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI31082\base_library.zip
    Filesize

    763KB

    MD5

    66a99308c1e466cd8058b7e2119df9ec

    SHA1

    87b3efec3bf8de2737ace8709a90334bf7ccb961

    SHA256

    7f4718124aa1320077dc64aeeb0a4868fd127dc630c79f3e6db7298acf9043ce

    SHA512

    192ddd8e5fee42cae1a041c982bfa4aecf9ccc0c6f3553510f274a2e337177cbc9cfcc93a00eb2ed228ee9731c5eb7a988707a5814d88714521d0a2f1e6d8a03

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI31082\libcrypto-1_1.dll
    Filesize

    3.2MB

    MD5

    89511df61678befa2f62f5025c8c8448

    SHA1

    df3961f833b4964f70fcf1c002d9fd7309f53ef8

    SHA256

    296426e7ce11bc3d1cfa9f2aeb42f60c974da4af3b3efbeb0ba40e92e5299fdf

    SHA512

    9af069ea13551a4672fdd4635d3242e017837b76ab2815788148dd4c44b4cf3a650d43ac79cd2122e1e51e01fb5164e71ff81a829395bdb8e50bb50a33f0a668

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI31082\libffi-7.dll
    Filesize

    32KB

    MD5

    eef7981412be8ea459064d3090f4b3aa

    SHA1

    c60da4830ce27afc234b3c3014c583f7f0a5a925

    SHA256

    f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081

    SHA512

    dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI31082\libssl-1_1.dll
    Filesize

    674KB

    MD5

    50bcfb04328fec1a22c31c0e39286470

    SHA1

    3a1b78faf34125c7b8d684419fa715c367db3daa

    SHA256

    fddd0da02dcd41786e9aa04ba17ba391ce39dae6b1f54cfa1e2bb55bc753fce9

    SHA512

    370e6dfd318d905b79baf1808efbf6da58590f00006513bdaaed0c313f6fa6c36f634ea3b05f916cee59f4db25a23dd9e6f64caf3c04a200e78c193027f57685

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI31082\python39.dll
    Filesize

    4.3MB

    MD5

    64fde73c54618af1854a51db302192fe

    SHA1

    c5580dcea411bfed2d969551e8089aab8285a1d8

    SHA256

    d44753fe884b228da36acb17c879b500aeb0225a38fb7ca142fb046c60b22204

    SHA512

    a7d368301a27ee07a542e45e9ad27683707979fb198b887b66b523609f69e3327d4b77b7edc988c73a4fe26c44bff3abfcd032a991cd730fd8e0de2dad2e3a06

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI31082\select.pyd
    Filesize

    28KB

    MD5

    f0a0ccc0013628ca15ee36d01d568410

    SHA1

    fac5a6061487c884b8987aa4ca2e098193b5388d

    SHA256

    e357e363a0b381183bf298aadf8708eaaf4e15b8ce538e5dd35d243951e07a87

    SHA512

    f01b75debbd62a7c79464aaec7dee4d4b4087cdc6fb2da4ed1ca3f32fbd4c1798a58fb1e3a0910e611c2513529a0b1bdeecb4a571432ca647a6fc592ee731825

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI31082\unicodedata.pyd
    Filesize

    1.1MB

    MD5

    9a0230f1308e5fa5bc116e1007cbb87f

    SHA1

    f934a73dc8c0b2b575dee45b87ea9dcced6d1218

    SHA256

    16cd3b343d9ae9364aa6174f3b77199dd54d60f87a1cb4d99cd0ddbbdb3cfb38

    SHA512

    01d4c161c2869594cf65a105f4586f735b934a485b021439c13088c553faaf766d3d3003bf194c7e4170bb48077b3464b40e5496483c11208cdbf485ff2482c8

    Download Submit

  • memory/460-53-0x000000006F7C0000-0x000000006F821000-memory.dmp

    Filesize

    388KB

    Download