Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

5a337cc454...3a.exe

windows7-x64

7

5a337cc454...3a.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    140s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    14/01/2024, 03:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5a337cc454d7f2ab45cd0ef2f05e793a.exe

  • Size

    26KB

  • MD5

    5a337cc454d7f2ab45cd0ef2f05e793a

  • SHA1

    79e1f0edafb7efb5866a55b0c25f4fb9f6a7cdd2

  • SHA256

    de56850b144003ff12e59fa5c04fbad97c0ad813fc1f08ab8396066fd426091c

  • SHA512

    1834567d304f71b4ad5c24609300af1fbfa5381fc171b63a7583f89ca5c9f9cd7922f6baaa083bb580f8c64a20e42b13e67a0b7053c11a8b3b084c454af9193d

  • SSDEEP

    768:U+MFiJemgblK3dyv5g+dNVO5IxQ6KEE649TW:MFwKKtb+dTO+xQMEBW

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • UPX packed file 4 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Drops file in Program Files directory 3 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5a337cc454d7f2ab45cd0ef2f05e793a.exe
    "C:\Users\Admin\AppData\Local\Temp\5a337cc454d7f2ab45cd0ef2f05e793a.exe"
    1⤵
    • Drops file in Program Files directory
    • Suspicious use of WriteProcessMemory
    PID:3020
    • C:\Users\Admin\AppData\Local\Temp\5a337cc454d7f2ab45cd0ef2f05e793a.exe
      "C:\Users\Admin\AppData\Local\Temp\5a337cc454d7f2ab45cd0ef2f05e793a.exe" K
      2⤵
      • Loads dropped DLL
      • Drops file in Program Files directory
      • Suspicious use of SetWindowsHookEx
      PID:2884

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files\Internet Explorer\IEXPLORE32.Dat
    Filesize

    35KB

    MD5

    3e43457fec22e4bc0d5f8a77401ce39d

    SHA1

    32c76e3b825a8ac9f77e62d21f053619344f6d2d

    SHA256

    fb7a8a046eed52af5e2d36a07f2d051d4e7752ab4b759aa4db7f937b50ca65ac

    SHA512

    3fc14bece66969c9d6a88d5220866118b59b9b92066770a37f0165f586d0b56de13a83d5151b39c074cb5d1e0a494d6699733cb867eca4b3c23ed7fd0683096d

    Download Submit

  • C:\Program Files\Internet Explorer\IEXPLORE32.jmp
    Filesize

    26KB

    MD5

    e324b1717c91c0aab0614ada79e98e24

    SHA1

    c217d8298a79c70c826ff637d65858f587523609

    SHA256

    61806c3e42e43b7fb76bcca593b33874779b89fef8e8b22ff4b166bc8f0402da

    SHA512

    0bbe79f678f4af96ea913f89d68a603b4de7140352db2d4155fd15f9e5de655c9e3fcf07d8e53f44a923a16d682d4477c4b78c186af544e5254feff90239a224

    Download Submit

  • memory/2884-5-0x0000000000400000-0x0000000000418000-memory.dmp

    Filesize

    96KB

    Download

  • memory/2884-8-0x0000000000220000-0x000000000022E000-memory.dmp

    Filesize

    56KB

    Download

  • memory/2884-9-0x0000000000400000-0x0000000000418000-memory.dmp

    Filesize

    96KB

    Download

  • memory/2884-10-0x0000000000220000-0x000000000022E000-memory.dmp

    Filesize

    56KB

    Download

  • memory/3020-1-0x0000000000400000-0x0000000000418000-memory.dmp

    Filesize

    96KB

    Download

  • memory/3020-3-0x0000000000400000-0x0000000000418000-memory.dmp

    Filesize

    96KB

    Download