Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

7713d7e65c...f3.exe

windows7-x64

3

7713d7e65c...f3.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    122s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    26/01/2024, 10:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7713d7e65cee32777074476ce0ae60f3.exe

  • Size

    56KB

  • MD5

    7713d7e65cee32777074476ce0ae60f3

  • SHA1

    d6c22b03b38d0543ee4b68aad5bd79c29cb07d29

  • SHA256

    451201c5d472b13678002880c71224bb3bec21a391f2d278d4fabbb5a1de4b83

  • SHA512

    8218e6f3604bd7f91dd3f60fa60b7faf06296833fe7ce1bc16d27f1d29ff6b6751b20aa27e542e6f8343040cd80a6531dd6c7d320147c797ca32c5c7bf923895

  • SSDEEP

    768:Rp7epb3EhwiDVnjNL2K1IfnrzMkg8vUF17HcAj9gOAKo0e:77epb3ESqLh1IzzMkggy17HcS9hpe

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of FindShellTrayWindow 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7713d7e65cee32777074476ce0ae60f3.exe
    "C:\Users\Admin\AppData\Local\Temp\7713d7e65cee32777074476ce0ae60f3.exe"
    1⤵
      PID:1736
    • C:\Windows\SysWOW64\DllHost.exe
      C:\Windows\SysWOW64\DllHost.exe /Processid:{76D0CB12-7604-4048-B83C-1005C7DDC503}
      1⤵
      • Suspicious use of FindShellTrayWindow
      PID:2060

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\eclaireur.jpg
      Filesize

      20KB

      MD5

      aeb08c926babf741f5e560d697b5d410

      SHA1

      b5e212542ae1ba25d6e8e491dade6b575613815d

      SHA256

      d42d4cf4d30dfbdb78e13472d0f05782bdf029c0481e3cffb2ee85caca0740bb

      SHA512

      ebf8f251c68dd20d5ef19b1fc357046c44d547f8e3167900af1d5013e944a767ca3a9865d2c0780b464fdf64551578a70087f69ced67e2f9cc220b3215eed7ce

      Download Submit

    • memory/1736-1-0x00000000005C0000-0x00000000005C2000-memory.dmp

      Filesize

      8KB

      Download

    • memory/1736-3-0x0000000000400000-0x000000000040D000-memory.dmp

      Filesize

      52KB

      Download

    • memory/2060-2-0x0000000000130000-0x0000000000132000-memory.dmp

      Filesize

      8KB

      Download

    • memory/2060-4-0x0000000000280000-0x0000000000281000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2060-6-0x0000000000280000-0x0000000000281000-memory.dmp

      Filesize

      4KB

      Download