Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

7c1fc4c9d6...51.exe

windows7-x64

7

7c1fc4c9d6...51.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    28/01/2024, 04:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7c1fc4c9d684042bed9882cdc7b8fa51.exe

  • Size

    1.9MB

  • MD5

    7c1fc4c9d684042bed9882cdc7b8fa51

  • SHA1

    d7864dbcdcb2c49728e871303b4cb0c08365f10b

  • SHA256

    f230f0610cc32eed66b2e40c4a0f122f1de09a890f87703a3c38c82ca4364cd0

  • SHA512

    4dae12f1b7cfc0764c451f30d643ed6a65924b7c506f12301de3e3c52f4bd0d891a438784718ffa67036735ae8394e2a1297dfbcae8fbe90bab0a078a07cb8b3

  • SSDEEP

    49152:Qoa1taC070dZ+rE+WnklX2Jx0fGgan5OAas7:Qoa1taC0prWklX2Jx0Ogc57D7

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7c1fc4c9d684042bed9882cdc7b8fa51.exe
    "C:\Users\Admin\AppData\Local\Temp\7c1fc4c9d684042bed9882cdc7b8fa51.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2184
    • C:\Users\Admin\AppData\Local\Temp\7511.tmp
      "C:\Users\Admin\AppData\Local\Temp\7511.tmp" --splashC:\Users\Admin\AppData\Local\Temp\7c1fc4c9d684042bed9882cdc7b8fa51.exe 271E08358D4E2BF6D0ACC11480D5E89C7C580EF8A0F30C2443BBB68E420C1596D4B123325A6EA6BFA5133DCA335DD04E2DAC61734C3286EA9FCBCA4717843988
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2188

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\7511.tmp
    Filesize

    1.9MB

    MD5

    7dd4ea871e27bf5721043efa6311db49

    SHA1

    59621537e7eb165dc1df501d93c9c491433f67b4

    SHA256

    64f617fd7951e9bdbf3c9620fa36e8a17256532990ccd39b18bc5ca45185d1d2

    SHA512

    55166f5d45ad593179ecb3e5b64b67868b5588a7f32af4002e027b850bcc0b5c3ef068106da135d817a04f4a58c8acddebd9e959e0e15a54e0c6bc16252c7b93

    Download Submit

  • memory/2184-0-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download

  • memory/2188-6-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download