Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

7fd7835215...a4.exe

windows7-x64

7

7fd7835215...a4.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    09/01/2024, 02:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7fd7835215946026612456572996b4a4.exe

  • Size

    14.4MB

  • MD5

    7fd7835215946026612456572996b4a4

  • SHA1

    64b5f2d6a5fd2a36e70436af29deae0ceafbb457

  • SHA256

    6bbd73fb9dbfa61e7e17f94f19087009bdeed47619c7fcdaa790afbd82f020fa

  • SHA512

    d88e622f96631e639f44b516f3c89f1c3547840a3091b3535e0baed921e81e42d37ad1848732e79580ca3cf4347b83a1102678e45474692f3ddc19507f04886f

  • SSDEEP

    393216:/X7QMidQuslSq99oWOv+9fgTz+qk7/MOw:/LQ3dQuSDorvSYTz+b/A

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7fd7835215946026612456572996b4a4.exe
    "C:\Users\Admin\AppData\Local\Temp\7fd7835215946026612456572996b4a4.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2216
    • C:\Users\Admin\AppData\Local\Temp\7fd7835215946026612456572996b4a4.exe
      "C:\Users\Admin\AppData\Local\Temp\7fd7835215946026612456572996b4a4.exe"
      2⤵
      • Loads dropped DLL
      PID:2508

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI22162\python310.dll
    Filesize

    1.5MB

    MD5

    ba1bfd6c5b8b2fe6b1f6f2f63e82ce74

    SHA1

    e87f9277dc6d365d811e0bf0387e43695cdd9c28

    SHA256

    d8fca8d4a8fe793ade26cc1f7ec921bef5bf4a98eecbb9e937e7c60b5155fea9

    SHA512

    917528645a70fcea722db2897c56542691ea3f33c577bd06fa2234272d9a05b8431f0d61b5c381dfdc23edea062fd27563a46e2ed8a320d52f58b8f688d14e58

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI22162\python310.dll
    Filesize

    1.1MB

    MD5

    514a9571f219b21b1a9aa189c6b8690b

    SHA1

    b7b2a42bbfa1b7fa6a0df939d4603057e98319bd

    SHA256

    20ac6b9da2c11d5fb6b058d4c412627037d31a12ced6dcc8e4f20e7acc7b596f

    SHA512

    3e170fab79b9d72f57720fa890cd217de00da1356e94652aa79315890cb77e66e9587d8ef5d353eaad15723f8e73b777a58e45cb906f07647cdcc94e47850289

    Download Submit