Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

51106a5640...d3.exe

windows7-x64

7

51106a5640...d3.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    10/01/2024, 16:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    51106a564002320f30435aa6c25b8dd3.exe

  • Size

    2.0MB

  • MD5

    51106a564002320f30435aa6c25b8dd3

  • SHA1

    4304b24f723fbfafbcffa96cc7a5cfea7525ad06

  • SHA256

    499aedc02c1f6fe422cebd2c513346c1d5d474f8b33f121b0e1332f44cd2d2e8

  • SHA512

    8a6462a0a8c229ad5161a274988b0e159ea7698e631f5f37b6e76610463cc446249b6c20b42e57ddc014a1d2eb900d52cbae0574029b433f0029dec9a58b0400

  • SSDEEP

    24576:dgdhhQGGnnazLpj4VHogiuGYNycAavew3mwmI1nk30sKbcGOyRWEMVM8w8sm/FvN:dqgazxcGYN139lnk30raxpX

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\51106a564002320f30435aa6c25b8dd3.exe
    "C:\Users\Admin\AppData\Local\Temp\51106a564002320f30435aa6c25b8dd3.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of WriteProcessMemory
    PID:2932
    • C:\Program Files (x86)\olmtt\pg.exe
      "C:\Program Files (x86)\olmtt\pg.exe"
      2⤵
      • Executes dropped EXE
      PID:3000

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Program Files (x86)\olmtt\pg.exe
    Filesize

    2.0MB

    MD5

    78d5fb110789890d06a9ef4c1d5fa425

    SHA1

    4a435bcd80090445d5e02808ba3598ca5823367f

    SHA256

    514054888dcf2fa0b3184d4ad61a86be4ea689419d805ab1dfef112e3257700d

    SHA512

    309e3662819f27eafd51e7a472c35d5780e593bc2b2922a0bd7b2308b9c883052dde088c879a5fbea1b0e00ed09edaea89111285e7d1161a57deadc2ca2de8f1

    Download Submit

  • memory/2932-5-0x0000000000400000-0x000000000045A000-memory.dmp

    Filesize

    360KB

    Download

  • memory/3000-6-0x0000000000400000-0x000000000045A000-memory.dmp

    Filesize

    360KB

    Download