Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

636c2aa816...74.exe

windows7-x64

7

636c2aa816...74.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    144s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    17/01/2024, 19:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    636c2aa8164496a7b1119a07b646f074.exe

  • Size

    24KB

  • MD5

    636c2aa8164496a7b1119a07b646f074

  • SHA1

    b8d7e05ea612091603a171c096e5940938b6cd73

  • SHA256

    054ebaec781e5f69ef60085b605b4b667041a34080161271b9e0f3b2fadd5505

  • SHA512

    cdbc986eed5d1a023d030c746492fc9e50fc238334f4a6056c3ffd08d94d74d0317620a575f60ad595c686de10af2d2e6bb246dbd79a4b06a8bd35a8125566dc

  • SSDEEP

    384:7uLIPJSC54aN+BMjFaeOEqou811BNvTCv9DoJy//gsuSwdpn071ALCuOOdu5Z:7FP4gpQBA6EXuAPvO1DoJynNJWnG9Os

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious behavior: EnumeratesProcesses 6 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\636c2aa8164496a7b1119a07b646f074.exe
    "C:\Users\Admin\AppData\Local\Temp\636c2aa8164496a7b1119a07b646f074.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:3136

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\gameset.dat
    Filesize

    29KB

    MD5

    29e96f476e8ecf7d9b1ff0d7a437eb4c

    SHA1

    139d7346094329c1d619bc4765ecd367f3fec4ef

    SHA256

    56a13514355c394cea03914287e2fb54e418eef9a1e1d63ab200cdb0b0ce7ff2

    SHA512

    115f5458667d740c44ff0ede6912ad5845cfe28c7f672d2bfdddcda569da5cf5d42cb8cdec3989607ff4b8ad13de1dda31e683a3887ba0b5b2392db0f0c07cc5

    Download Submit

  • memory/3136-0-0x0000000000400000-0x0000000000417000-memory.dmp

    Filesize

    92KB

    Download

  • memory/3136-10-0x00000000009C0000-0x00000000009CD000-memory.dmp

    Filesize

    52KB

    Download

  • memory/3136-13-0x0000000000400000-0x0000000000417000-memory.dmp

    Filesize

    92KB

    Download

  • memory/3136-14-0x00000000009C0000-0x00000000009CD000-memory.dmp

    Filesize

    52KB

    Download