Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

MC Pramod Version.exe

windows7-x64

7

MC Pramod Version.exe

windows10-2004-x64

7

MCFA_GEN.pyc

windows7-x64

3

MCFA_GEN.pyc

windows10-2004-x64

3

Analysis

  • max time kernel
    5s
  • max time network
    3s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    01/02/2024, 05:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    MC Pramod Version.exe

  • Size

    21.2MB

  • MD5

    720b1acb3bbaefe375b06974faf514e3

  • SHA1

    68c2ba021da75fc9b550475a0ddf00b142ed979a

  • SHA256

    d89ec5c073bdec861bb3c0dc58ef5e871553ba8667a2d497230d2327698e1cd3

  • SHA512

    b62cdeaa827b62bdc6a57cdb02d4a881a1422b95c52990100ddf791bfaeaab339608237d3e1edeeb62f27d2471a74d702a81bc95af2e869961306f3b2b6f3d19

  • SSDEEP

    393216:cDna3FQtsfHJz7B2D4RqKQETSWvJQn9Oqf26YJgzdCyddk:c21QtsfpfQD4sKQEWWhQ/WKr

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\MC Pramod Version.exe
    "C:\Users\Admin\AppData\Local\Temp\MC Pramod Version.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2996
    • C:\Users\Admin\AppData\Local\Temp\MC Pramod Version.exe
      "C:\Users\Admin\AppData\Local\Temp\MC Pramod Version.exe"
      2⤵
      • Loads dropped DLL
      PID:2488

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI29962\python311.dll
    Filesize

    5.2MB

    MD5

    1993aefc83d967441c84197556bc8c5c

    SHA1

    0ef34f7432fafdd72dbf629350a400337ebcc564

    SHA256

    0cd070f2dbf7cf3f4188e445077fed678416141673804a725779484e82c1945c

    SHA512

    758a3bcd84ebd7654d85ed6921e49ceb1b1382ef9bf6fdbe91977b5856a0742b86857e44e75d738c702dd23d8b88b1e32460964583b642872413e13e42bc7e5b

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI29962\python311.dll
    Filesize

    4.9MB

    MD5

    8669f9716c8cbada6ea1b8e2c839fe10

    SHA1

    6700b51ec09c495d6d9e200bf1fb87ebefe3d705

    SHA256

    72b2b5c614d83f8923bac54046d12d3b012fc593856b1c6a95aaa94cfd566e4b

    SHA512

    f685c982437a4dc835183110d0afc705f76a7c828368891aeaca9289defe16f384dac664eccdded63cd005388f0028255368da661b99b02ce9df84d214a1a106

    Download Submit