Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    119s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags
    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    12/01/2024, 00:42

General

  • Target

    55058ccf20837ac4f4cb3630bdce19c9.exe

  • Size

    1.2MB

  • MD5

    55058ccf20837ac4f4cb3630bdce19c9

  • SHA1

    2f108a08abf3d61084821cab11840df200b31b2c

  • SHA256

    e78ee29611e472c11c12ae29fc34c9d0ff048f29c9a6777d21f365de929826d5

  • SHA512

    b4e49d94828a2978e378332de1faab68226a028a0149cbcee576fe3ad3c7abfa3df46f15bb10039b6d1f2131354e69e1b103a81b80e248935adee348a86b3577

  • SSDEEP

    24576:u2Qg2WHqIC01v5nyHLY0uw5lKYlm+x1fbwAlZgSUBhmt:DQmLyrYgcRi1n7gSUUt

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 5 IoCs
  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Suspicious use of SetWindowsHookEx 23 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\55058ccf20837ac4f4cb3630bdce19c9.exe
    "C:\Users\Admin\AppData\Local\Temp\55058ccf20837ac4f4cb3630bdce19c9.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:1536

Network

MITRE ATT&CK Matrix

Downloads

  • \Users\Admin\AppData\Local\Temp\benjiang\iext.fnr

    Filesize

    216KB

    MD5

    cba933625bfa502fc4a1d9f34e1e4473

    SHA1

    5319194388c0e53321f99f1541b97af191999a09

    SHA256

    25549c7781b3f1b92e73b0ea721d177207cce914a66f3229a71291f2eb160013

    SHA512

    f5fb4b97c4f68a20e0847e6528740ce659c4501726f3b2dff1ac83e88a3b7198099da03edb0f069cd4af7ed568a2373597b235cd239895addfa5226d3a444142

  • \Users\Admin\AppData\Local\Temp\benjiang\iext2.fne

    Filesize

    460KB

    MD5

    6eb20bb6cafd6d31e871ed3abd65a59c

    SHA1

    ae6495ea4241bcde20e415f2940313785a4a10d2

    SHA256

    2b3fe250f07229eaa58d1bc0c4ac103ba69ad622c27410151ce1d6d46a174bae

    SHA512

    562edc1f058bc280333a6659fceb5a51b3a40bea7aca87db09b0cc1ca1966f26f2a7e4760b944e2502e20257544f85cf9c32f583f1dec06271a35dcfb8fa90f4

  • \Users\Admin\AppData\Local\Temp\benjiang\krnln.fnr

    Filesize

    1.1MB

    MD5

    638e737b2293cf7b1f14c0b4fb1f3289

    SHA1

    f8e2223348433b992a8c42c4a7a9fb4b5c1158bc

    SHA256

    baad4798c3ab24dec8f0ac3cde48e2fee2e2dffa60d2b2497cd295cd6319fd5b

    SHA512

    4d714a0980238c49af10376ff26ec9e6415e7057925b32ec1c24780c3671047ac5b5670e46c1c6cf9f160519be8f37e1e57f05c30c6c4bda3b275b143aa0bf12

  • \Users\Admin\AppData\Local\Temp\benjiang\odbcdb.run

    Filesize

    168KB

    MD5

    01a2be28bc5be46aca82bdcfe3e88178

    SHA1

    d9063876eb61ae0bb4ae0a824afb7488cff97689

    SHA256

    af600864bdaebfa083c708782501735ab61076c236f0da7326a393e9fbda3b4b

    SHA512

    d3fdb9cdd78d253b131e37f032be05ed24e49551e106e26fd6fc6bd7162db7146944af48c49652ed2a078ade67ebae53566139e3bd955dba183edf45897191bb

  • \Users\Admin\AppData\Local\Temp\benjiang\xplib.fne

    Filesize

    48KB

    MD5

    37a58e1c5ce48e401ee8dd1d1da54814

    SHA1

    a87d00d78838c2d968b72330ee6f21f69b2caae5

    SHA256

    1c426928fb90bedb31fcffa0f3fbe7bdbca4259f93f5abdefed6a9a089f2982c

    SHA512

    e85052fc305040bdcaf47262e0ce6eef0848b319baac72a076dc94e7d20ea7ad8fbdd7d5381606a3154ab84fe81429bb339123ac1cd94551b1dc9cecfb7a08bf

  • memory/1536-0-0x0000000000400000-0x0000000000455000-memory.dmp

    Filesize

    340KB

  • memory/1536-11-0x0000000000460000-0x00000000004A4000-memory.dmp

    Filesize

    272KB

  • memory/1536-15-0x00000000020D0000-0x0000000002153000-memory.dmp

    Filesize

    524KB

  • memory/1536-19-0x00000000002C0000-0x00000000002CD000-memory.dmp

    Filesize

    52KB

  • memory/1536-22-0x00000000003D0000-0x00000000003FE000-memory.dmp

    Filesize

    184KB

  • memory/1536-25-0x0000000000400000-0x0000000000455000-memory.dmp

    Filesize

    340KB