Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

5b400f024b...f0.exe

windows7-x64

7

5b400f024b...f0.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    14/01/2024, 12:35 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5b400f024ba11a2b96a493178a3785f0.exe

  • Size

    994KB

  • MD5

    5b400f024ba11a2b96a493178a3785f0

  • SHA1

    99b10077bb9b55232225f388c83b23bf17406a98

  • SHA256

    ff4e18bac71a13a37d1c996771f617215a78ecae5e3ad61dc9ca4e5b27447033

  • SHA512

    42b425edac53437599e7a01c4e17d7e121b1fe7d6986fbea2450bf7bfba2f19fd65c6ef92b89646722eaca0e632e43c4bfe9275a978eefedb3c889fd53b32951

  • SSDEEP

    24576:dgdhhQGGniba/WPpuvlBEaneHueYQFSMVp3aUfV:dqj5s8+elYQFSMqQ

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5b400f024ba11a2b96a493178a3785f0.exe
    "C:\Users\Admin\AppData\Local\Temp\5b400f024ba11a2b96a493178a3785f0.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of WriteProcessMemory
    PID:2228
    • C:\Program Files (x86)\wcfhvhd\wc.exe
      "C:\Program Files (x86)\wcfhvhd\wc.exe"
      2⤵
      • Executes dropped EXE
      PID:2264

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Program Files (x86)\wcfhvhd\wc.exe
    Filesize

    1002KB

    MD5

    336263713e27ba82856c882315be0e29

    SHA1

    2c5ab1f64ebfed0f3e975e669a68fd5b4ecb4e4a

    SHA256

    3a5f1c229495bdb6427a1998ade0b53fef230cd86de40084976c2321280c36a1

    SHA512

    f8ca87a4ab2bd0c40144d1a31c373ecc5869f4e58a9d642369e7c5389fa2e18dc5f7f644ca26848592d96140264d7e02c94b8c27c8c47377bebafe11dcd2cca2

    Download Submit

  • memory/2228-4-0x0000000000400000-0x000000000045A000-memory.dmp

    Filesize

    360KB

    Download

  • memory/2264-6-0x0000000000400000-0x000000000045A000-memory.dmp

    Filesize

    360KB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.