Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

3

FusionBeacon.exe

windows7-x64

6

FusionBeacon.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    545s
  • max time network
    548s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    13/01/2024, 23:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    FusionBeacon.exe

  • Size

    168KB

  • MD5

    261e0bb975aad28f0fc84883225e10ad

  • SHA1

    06134738f055a4b351ddb369cb3cb4d8223469fe

  • SHA256

    adbd0c7096a7373be82dd03df1aae61cb39e0a155c00bbb9c67abc01d48718aa

  • SHA512

    a024e25f039e521fb08ec3ee62cb459ddbf5229dd274f8a796aa6d16cf5d86fafa430bb82ce0515a5f9f77543983936affbd9ec9e5d060556867120b94d66b1e

  • SSDEEP

    3072:CtcJe7V1HcxhlUMqc0IUGg4NDd1YaMENt7B07uP:CtcJOVOxbRGivMErt0

Score
6/10

Malware Config

Signatures

  • Blocklisted process makes network request 36 IoCs
  • Suspicious use of SetThreadContext 1 IoCs
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\FusionBeacon.exe
    "C:\Users\Admin\AppData\Local\Temp\FusionBeacon.exe"
    1⤵
    • Suspicious use of SetThreadContext
    • Suspicious use of WriteProcessMemory
    PID:2920
    • C:\Windows\System32\msiexec.exe
      \??\C:\Windows\System32\msiexec.exe
      2⤵
      • Blocklisted process makes network request
      PID:2700

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U9VC31Q9\post[1].php
    Filesize

    3B

    MD5

    8a80554c91d9fca8acb82f023de02f11

    SHA1

    5f36b2ea290645ee34d943220a14b54ee5ea5be5

    SHA256

    ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

    SHA512

    ca4b6defb8adcc010050bc8b1bb8f8092c4928b8a0fba32146abcfb256e4d91672f88ca2cdf6210e754e5b8ac5e23fb023806ccd749ac8b701f79a691f03c87a

    Download Submit

  • memory/2700-7-0x0000000000030000-0x0000000000070000-memory.dmp

    Filesize

    256KB

    Download

  • memory/2700-10-0x0000000000030000-0x0000000000070000-memory.dmp

    Filesize

    256KB

    Download

  • memory/2700-9-0x0000000000030000-0x0000000000070000-memory.dmp

    Filesize

    256KB

    Download

  • memory/2700-14-0x00000000024A0000-0x0000000002649000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/2700-24-0x0000000000030000-0x0000000000070000-memory.dmp

    Filesize

    256KB

    Download

  • memory/2700-25-0x0000000000030000-0x0000000000070000-memory.dmp

    Filesize

    256KB

    Download

  • memory/2700-28-0x0000000000030000-0x0000000000070000-memory.dmp

    Filesize

    256KB

    Download

  • memory/2700-95-0x0000000000030000-0x0000000000070000-memory.dmp

    Filesize

    256KB

    Download

  • memory/2700-98-0x0000000000030000-0x0000000000070000-memory.dmp

    Filesize

    256KB

    Download

  • memory/2920-0-0x0000000000BA0000-0x0000000000D49000-memory.dmp

    Filesize

    1.7MB

    Download