Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

5b400f024b...f0.exe

windows7-x64

7

5b400f024b...f0.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    14/01/2024, 12:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5b400f024ba11a2b96a493178a3785f0.exe

  • Size

    994KB

  • MD5

    5b400f024ba11a2b96a493178a3785f0

  • SHA1

    99b10077bb9b55232225f388c83b23bf17406a98

  • SHA256

    ff4e18bac71a13a37d1c996771f617215a78ecae5e3ad61dc9ca4e5b27447033

  • SHA512

    42b425edac53437599e7a01c4e17d7e121b1fe7d6986fbea2450bf7bfba2f19fd65c6ef92b89646722eaca0e632e43c4bfe9275a978eefedb3c889fd53b32951

  • SSDEEP

    24576:dgdhhQGGniba/WPpuvlBEaneHueYQFSMVp3aUfV:dqj5s8+elYQFSMqQ

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5b400f024ba11a2b96a493178a3785f0.exe
    "C:\Users\Admin\AppData\Local\Temp\5b400f024ba11a2b96a493178a3785f0.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of WriteProcessMemory
    PID:2228
    • C:\Program Files (x86)\wcfhvhd\wc.exe
      "C:\Program Files (x86)\wcfhvhd\wc.exe"
      2⤵
      • Executes dropped EXE
      PID:2264

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Program Files (x86)\wcfhvhd\wc.exe
    Filesize

    1002KB

    MD5

    336263713e27ba82856c882315be0e29

    SHA1

    2c5ab1f64ebfed0f3e975e669a68fd5b4ecb4e4a

    SHA256

    3a5f1c229495bdb6427a1998ade0b53fef230cd86de40084976c2321280c36a1

    SHA512

    f8ca87a4ab2bd0c40144d1a31c373ecc5869f4e58a9d642369e7c5389fa2e18dc5f7f644ca26848592d96140264d7e02c94b8c27c8c47377bebafe11dcd2cca2

    Download Submit

  • memory/2228-4-0x0000000000400000-0x000000000045A000-memory.dmp

    Filesize

    360KB

    Download

  • memory/2264-6-0x0000000000400000-0x000000000045A000-memory.dmp

    Filesize

    360KB

    Download