Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

8c927174d5...62.exe

windows7-x64

7

8c927174d5...62.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    90s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    03/02/2024, 14:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8c927174d555f3a40371be4d66639d62.exe

  • Size

    887KB

  • MD5

    8c927174d555f3a40371be4d66639d62

  • SHA1

    8df1b39e36130962cc23734a09a76d8ee84ad41d

  • SHA256

    9758ee9d7ee86a4269062dbb5e8f273b9d9f61019e071436357b99c8f343c5f1

  • SHA512

    0a8a14ecbbc6c973f32c1d3d774e5136cba25e21be3baee972605d1c3c31019f7d7cb6374ff583f9bf0da9c60bd290d2eabc0f6f423c3a28cf196a267bb29c01

  • SSDEEP

    12288:MLry/neyx7f/A64j7PYV3H/BxJsQYrFy698hi2hT4wgfP3xeb07snchWhz9:qKeyxTAJj7PYJvYN9+i2Z4wWht7sncwp

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8c927174d555f3a40371be4d66639d62.exe
    "C:\Users\Admin\AppData\Local\Temp\8c927174d555f3a40371be4d66639d62.exe"
    1⤵
    • Drops file in Program Files directory
    • Suspicious use of WriteProcessMemory
    PID:1940
    • C:\Program Files (x86)\yehbrurvne\aws.exe
      "C:\Program Files (x86)\yehbrurvne\aws.exe"
      2⤵
      • Executes dropped EXE
      PID:432

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files (x86)\yehbrurvne\aws.exe
    Filesize

    910KB

    MD5

    8d26e464aea682fb19555f652fb75f16

    SHA1

    0122aedaa8ec8f608c10c184c51a5a3584293681

    SHA256

    fa0c7fd4b0eb6cf84bae500079d8c9b723102fc0d3fc606a7a38f2a82321dbe8

    SHA512

    0ec7ebf50e61d4a4c9ad3a9250f039e3ddab7816c23a3b995e23f8fefa02a3de1a986e443a2eab2024d65327bedfd7c7133bbacf16b0dff391ff98dacf310cbf

    Download Submit

  • memory/432-9-0x0000000000400000-0x0000000000494000-memory.dmp

    Filesize

    592KB

    Download

  • memory/432-8-0x0000000000400000-0x0000000000494000-memory.dmp

    Filesize

    592KB

    Download

  • memory/1940-0-0x0000000000400000-0x0000000000494000-memory.dmp

    Filesize

    592KB

    Download

  • memory/1940-1-0x0000000000400000-0x0000000000494000-memory.dmp

    Filesize

    592KB

    Download

  • memory/1940-6-0x0000000000400000-0x0000000000494000-memory.dmp

    Filesize

    592KB

    Download