Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

8a3f506a10...ce.exe

windows7-x64

7

8a3f506a10...ce.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    92s
  • max time network
    121s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    02/02/2024, 18:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8a3f506a108be81d74d47d319200c7ce.exe

  • Size

    947KB

  • MD5

    8a3f506a108be81d74d47d319200c7ce

  • SHA1

    8ea4901d55a2dbfdb8f9f1c2bb17f9903438ad73

  • SHA256

    4c0d48ff721832ae43b4a2f619e1ed4205bb96d6aaf40825ebb243a7648e5386

  • SHA512

    c43cbc9717bf1a654d5b9f1462d9aa952f92ed8a96eac8e21e9d4d2bb31a7e38338443181d944951c0c16c301d99cdcb867ae49adedb87bdb5d67ceb178c76fe

  • SSDEEP

    24576:dgdhhQGGniba/WPpuvlBEaneHueYQFSMPPoqqWEsS:dqj5s8+elYQFSMPPgoS

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8a3f506a108be81d74d47d319200c7ce.exe
    "C:\Users\Admin\AppData\Local\Temp\8a3f506a108be81d74d47d319200c7ce.exe"
    1⤵
    • Drops file in Program Files directory
    • Suspicious use of WriteProcessMemory
    PID:4088
    • C:\Program Files (x86)\cybkur\oq.exe
      "C:\Program Files (x86)\cybkur\oq.exe"
      2⤵
      • Executes dropped EXE
      PID:3660

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files (x86)\cybkur\oq.exe
    Filesize

    961KB

    MD5

    ba92c6bd46e68a285bba6c894dab4ad5

    SHA1

    dd62daecfa7e0cabdeaf92267ff866a5e8df1d7a

    SHA256

    1acdf925b3ba5f37a84a9342c94bcdc93d70a17050b66e6dfa7a4869c1958dfe

    SHA512

    094b1e7184c7f61b18374243db056cc6e0e76e91ace232dad55d35f5f03d391e0ff92709cac8458bda83cb11cb974b92c18969e7b53285608f50f2b92cf9d209

    Download Submit

  • memory/3660-5-0x0000000000400000-0x000000000045A000-memory.dmp

    Filesize

    360KB

    Download

  • memory/4088-3-0x0000000000400000-0x000000000045A000-memory.dmp

    Filesize

    360KB

    Download