Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

51660048d3...61.exe

windows7-x64

7

51660048d3...61.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    122s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    10/01/2024, 19:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    51660048d36ba4c7f0f4c1fb2e738461.exe

  • Size

    837KB

  • MD5

    51660048d36ba4c7f0f4c1fb2e738461

  • SHA1

    dbc2131302f5794aa5223571e30dada5a6718b3d

  • SHA256

    12f7ffc817f235b4f659100182278496343cd79e53181d0f7e081f3c55896515

  • SHA512

    a30a5c8406aa52d46b9275d14a1b4fa817dcdaf1c286c1a2936d942d8715d7a958ed759861753f1adfcc343e9932cbd188da51721539ed289b500a3f2e99f575

  • SSDEEP

    24576:OFdd0TTbZ3tI+rXkPE+PZ1itepHnf/GPQq/ozAVABp1:OvdGa+jMPZo49uP9g+AB

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\51660048d36ba4c7f0f4c1fb2e738461.exe
    "C:\Users\Admin\AppData\Local\Temp\51660048d36ba4c7f0f4c1fb2e738461.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2960
    • C:\Users\Admin\AppData\Local\Temp\is-5PTSF.tmp\51660048d36ba4c7f0f4c1fb2e738461.tmp
      "C:\Users\Admin\AppData\Local\Temp\is-5PTSF.tmp\51660048d36ba4c7f0f4c1fb2e738461.tmp" /SL5="$17014E,814666,148992,C:\Users\Admin\AppData\Local\Temp\51660048d36ba4c7f0f4c1fb2e738461.exe"
      2⤵
      • Executes dropped EXE
      PID:3020

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\is-5PTSF.tmp\51660048d36ba4c7f0f4c1fb2e738461.tmp
    Filesize

    61KB

    MD5

    5e0b2c13aa1c4934c8d2b5905dacac29

    SHA1

    2dfe171365d9d5015dc7298c1ba9da7d6ac1b60e

    SHA256

    e7af1542c4354e20641ed1978a36cf84b5f6cbe117f8e705a27d254d52e5ab82

    SHA512

    ad3bc71aa6ddea00de502604a641b730ecbcdb782a6a4b1a490ce70b5bf18fc5af802e7ab91a3cd7a95cf5b65c68ba9e86cf7e014eb41c37dd036f234a03645a

    Download Submit

  • memory/2960-0-0x0000000000400000-0x000000000042B000-memory.dmp

    Filesize

    172KB

    Download

  • memory/2960-9-0x0000000000400000-0x000000000042B000-memory.dmp

    Filesize

    172KB

    Download

  • memory/3020-7-0x0000000000400000-0x0000000000414000-memory.dmp

    Filesize

    80KB

    Download