Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

SecuriteIn...99.exe

windows7-x64

7

SecuriteIn...99.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    117s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    20/01/2024, 21:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SecuriteInfo.com.Python.CrealStealer.4.28055.30099.exe

  • Size

    14.4MB

  • MD5

    1e68e1e04a5e94d7a17f686a488051ff

  • SHA1

    09122f9525a957faf0d96c81ab95bb4def243c64

  • SHA256

    32ed36fb1c3f23fbb5c9c3ca61ae089558cd85e5dec4777359c1a6ee6eb2b82e

  • SHA512

    690415cefe821465600c3539b843b443c064b00c235ff27d8f4d80d03456d8de1b32f38fc2f4f36eba6eea938e71d6a78a74e2113486f5d857bf87c5bb2a370d

  • SSDEEP

    393216:au7L/sQboidQuslSq99oWOv+9fgSMA+NT7:aCL0QbjdQuSDorvSYS6d

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Python.CrealStealer.4.28055.30099.exe
    "C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Python.CrealStealer.4.28055.30099.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2324
    • C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Python.CrealStealer.4.28055.30099.exe
      "C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Python.CrealStealer.4.28055.30099.exe"
      2⤵
      • Loads dropped DLL
      PID:2584

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI23242\python310.dll
    Filesize

    1.9MB

    MD5

    352ecfad340279207e00fccc146c07e8

    SHA1

    c1e424a87f4eb4e31a0ba9c572c60201d7466357

    SHA256

    d7710e5fefd2409f6c73f79af232b48642368c0ecb415786b214a4910b9147e7

    SHA512

    de6609d6e569427234f03c2cd6dc396aa282c1c230548135349eb6b8089370b41ac56af875275ad1e2e9fe9161f09c39ebf81e49abc28100529796d4d08b6f5c

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI23242\python310.dll
    Filesize

    1.7MB

    MD5

    1b6f11cb3540da7ed59deea84ceb72ba

    SHA1

    47623d6f189d7c25a1dc8ee56d62a5b54f9af929

    SHA256

    29c245e4d51a35e6211c9b76519414afbae4424e04f5f2a0103760ad36431a93

    SHA512

    6a38abcbd59fc2eca170d640d6c3fee5413897df83922badfcd21b31bf03b31aef9826c5540c1b2febec989f6342ddf9653b9bf1ea330370665dbc1d40394313

    Download Submit