Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

1

8f432eaad4...7d.exe

windows7-x64

6

8f432eaad4...7d.exe

windows10-2004-x64

4

Analysis

  • max time kernel
    119s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    04/02/2024, 13:25 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8f432eaad45a73f346a8fcefc2cea57d.exe

  • Size

    298KB

  • MD5

    8f432eaad45a73f346a8fcefc2cea57d

  • SHA1

    973293497921363f323fe6c49ce9678b18cbb8fa

  • SHA256

    16f63f7ec26d8388c61f67dcbcb75c721321a71eaaa4a5aafed376653f390aad

  • SHA512

    6fff8de88190f9626448e8faecaaa6fee8bb3d224b39a7acd8daa6ed8a37bd37e8303e50b220021d21237524ac04db09d32c7b2318809338d383cff6e2dcb113

  • SSDEEP

    6144:xD/TNf6UMMo00p1jYilZZx0k+3lpuD4xZxJZfyRG3ehjsm7:XZyplZf63lO4bxJsRHAm7

Score
6/10
discovery

Malware Config

Signatures

  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Drops file in Windows directory 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8f432eaad45a73f346a8fcefc2cea57d.exe
    "C:\Users\Admin\AppData\Local\Temp\8f432eaad45a73f346a8fcefc2cea57d.exe"
    1⤵
    • Drops file in Windows directory
    PID:1708

Network

  • flag-us
    DNS
    parentmodel.biz
    8f432eaad45a73f346a8fcefc2cea57d.exe
    Remote address:
    8.8.8.8:53
    Request
    parentmodel.biz
    IN A
    Response
  • flag-us
    DNS
    center-ring.info
    8f432eaad45a73f346a8fcefc2cea57d.exe
    Remote address:
    8.8.8.8:53
    Request
    center-ring.info
    IN A
    Response
  • flag-us
    DNS
    get-multiple.link
    8f432eaad45a73f346a8fcefc2cea57d.exe
    Remote address:
    8.8.8.8:53
    Request
    get-multiple.link
    IN A
    Response
No results found
  • 8.8.8.8:53
    parentmodel.biz
    dns
    8f432eaad45a73f346a8fcefc2cea57d.exe
    61 B
     123 B
     1
    1

    DNS Request

    parentmodel.biz

  • 8.8.8.8:53
    center-ring.info
    dns
    8f432eaad45a73f346a8fcefc2cea57d.exe
    62 B
     141 B
     1
    1

    DNS Request

    center-ring.info

  • 8.8.8.8:53
    get-multiple.link
    dns
    8f432eaad45a73f346a8fcefc2cea57d.exe
    63 B
     136 B
     1
    1

    DNS Request

    get-multiple.link

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1708-0-0x0000000000DF0000-0x0000000000E30000-memory.dmp

    Filesize

    256KB

    Download

  • memory/1708-1-0x0000000000D90000-0x0000000000DD0000-memory.dmp

    Filesize

    256KB

    Download

  • memory/1708-2-0x0000000001780000-0x00000000017C0000-memory.dmp

    Filesize

    256KB

    Download

  • memory/1708-4-0x00000000000F0000-0x000000000011F000-memory.dmp

    Filesize

    188KB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.