Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

4ec3f2ffb5...6b.exe

windows7-x64

7

4ec3f2ffb5...6b.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    121s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    09/01/2024, 16:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4ec3f2ffb52b1dc7c893be96f0c1c56b.exe

  • Size

    9.3MB

  • MD5

    4ec3f2ffb52b1dc7c893be96f0c1c56b

  • SHA1

    14dd6fd55febfe80557b68458f9de343dcef263b

  • SHA256

    c73271c267bd49b3ecd456aa756a5db01147d81835918df75af1475199043f2c

  • SHA512

    3f6b648b3f40dfcfd378958c25c4db2cbefba3b95f207ce11d92825fb9f25529adbd104d1eaf8188c0faf6c91beea808cb20fddd350ccc55ac1a984e1deaf449

  • SSDEEP

    196608:OZZPuSCsXDjDyf6L2WliXYrHW1B48RmU/FZlsPvyQTvN8CHVlJR+:YPLCEDVL2ciIrHWTtNFZWyQTtVz

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\4ec3f2ffb52b1dc7c893be96f0c1c56b.exe
    "C:\Users\Admin\AppData\Local\Temp\4ec3f2ffb52b1dc7c893be96f0c1c56b.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2468
    • C:\Users\Admin\AppData\Local\Temp\4ec3f2ffb52b1dc7c893be96f0c1c56b.exe
      "C:\Users\Admin\AppData\Local\Temp\4ec3f2ffb52b1dc7c893be96f0c1c56b.exe"
      2⤵
      • Loads dropped DLL
      PID:1844

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI24682\python39.dll
    Filesize

    1.2MB

    MD5

    164159217fcb6e45b165a90f26e38e45

    SHA1

    ae1e212e57d956634fe00a8da766485f2b42cac0

    SHA256

    877d4784164948c09c717157a3088807b17aac28ed992ba735e4e922f5efafae

    SHA512

    5ba19d286b4d76ddf209a283ea16ee32801cf5737254bb920e4966ab8c026711a9a0bcbe240f032d5d2170c179a3d6f4e52ed0743e547fcca574ef1b73f93f81

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI24682\python39.dll
    Filesize

    1.3MB

    MD5

    bea8fc928c96532f79c872f0c952e384

    SHA1

    94c8846b036fbc53db56eedf085d558f6a6dd899

    SHA256

    7700bc90cf4bacad603bf22a02d06b3d04416a9c40cb827d2975eb0779d0a30e

    SHA512

    8ce93c9e2cc0cfb62415aa7b91b71fefe4461d32a81ab4bf68c263e5657c6071930ed15a98be7f10629fbf1c3bbf4d6537cb2878441e32f72d9ba555218c20f5

    Download Submit