Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

f16ca2056d...b4.exe

windows7-x64

7

f16ca2056d...b4.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    22/01/2024, 01:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f16ca2056d872f1cae446a151e057fe1d5744f6f26889881050f254008c5a5b4.exe

  • Size

    14.4MB

  • MD5

    0dc7d0b6fd6bd2e157f3be4b6b20fe4d

  • SHA1

    5784f5beb1cd3b5aa222aaf0484c52547d5759a5

  • SHA256

    f16ca2056d872f1cae446a151e057fe1d5744f6f26889881050f254008c5a5b4

  • SHA512

    8274ba73140c6c1b7005ae3fbc84f320e1e7181d12507518ba8a6854d02ceeecfca314378c8247e9bc30c85ecd4f159e15774f5fa2f8362a5911c14fd3c69160

  • SSDEEP

    393216:qiIE7YoPQPdQuslSq99oWOv+9fg/kMeTl2Y:T7rPQPdQuSDorvSY/k/l

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f16ca2056d872f1cae446a151e057fe1d5744f6f26889881050f254008c5a5b4.exe
    "C:\Users\Admin\AppData\Local\Temp\f16ca2056d872f1cae446a151e057fe1d5744f6f26889881050f254008c5a5b4.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1984
    • C:\Users\Admin\AppData\Local\Temp\f16ca2056d872f1cae446a151e057fe1d5744f6f26889881050f254008c5a5b4.exe
      "C:\Users\Admin\AppData\Local\Temp\f16ca2056d872f1cae446a151e057fe1d5744f6f26889881050f254008c5a5b4.exe"
      2⤵
      • Loads dropped DLL
      PID:2792

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI19842\python310.dll
    Filesize

    715KB

    MD5

    9a8ed5f13977c9765331a1d5c6050a58

    SHA1

    fe29f02660201ee0651a1347b7286d3267b68d63

    SHA256

    d4d4060ebee3454c54c35c49b0a33b4ccb8fc0e7fa150dc1e9a707286a57bfa2

    SHA512

    d4ae92ad09174f5f3af301b05e63c29444f97f6b6357f6f93868584c4ee596bc1528b6d2e5d83a04ed97aee84948ed5fde4c4c9e88aa3b601a0e718b9377e945

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI19842\python310.dll
    Filesize

    3.6MB

    MD5

    9f613abdc6a4379efe330f07cf969b66

    SHA1

    000def21a106852f01a1ca43bec34fe3afd406df

    SHA256

    3e5285d06951fd51730512db1e3db5592c0b4d145c5a69791f82da8aa4ffad78

    SHA512

    c846f65a8cd64c710b3feaf9cea9ffd77516ea3183b1df61cca7d11fbd1acfd299630953259023b89d1158f0f42571abd02ab50fac04a152fec9c9711949bebe

    Download Submit