Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

newBypasser.exe

windows7-x64

7

newBypasser.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    47s
  • max time network
    16s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    11/02/2024, 16:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    newBypasser.exe

  • Size

    8.0MB

  • MD5

    b1ddf91d73f4e19a1da7479d79baac66

  • SHA1

    8c5d5f41717f3fdbae0057a827b38e7933ae5f57

  • SHA256

    ec6cc0c8ca59f336b5d1214d22c0668438aa2c87c41930f7799cbff1ac6c2658

  • SHA512

    82d9d07deddb868229bb1aec24cdea89ed47720b07e19b7388503cc7373f8de7f4fd2915e27138f98b1beb8b0439df649fd12a6d068f5b3080ae3db169a7327f

  • SSDEEP

    196608:azFCraA1HeT39IigwWc0/aFFH3ZAqxNiC:Xv1+TtIiFm/KKqxcC

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\newBypasser.exe
    "C:\Users\Admin\AppData\Local\Temp\newBypasser.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2520
    • C:\Users\Admin\AppData\Local\Temp\newBypasser.exe
      "C:\Users\Admin\AppData\Local\Temp\newBypasser.exe"
      2⤵
      • Loads dropped DLL
      PID:1084

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI25202\python311.dll
    Filesize

    5.5MB

    MD5

    d06da79bfd21bb355dc3e20e17d3776c

    SHA1

    610712e77f80d2507ffe85129bfeb1ff72fa38bf

    SHA256

    2835e0f24fb13ef019608b13817f3acf8735fbc5f786d00501c4a151226bdff1

    SHA512

    e4dd839c18c95b847b813ffd0ca81823048d9b427e5dcf05f4fbe0d77b8f7c8a4bd1c67c106402cd1975bc20a8ec1406a38ad4764ab466ef03cb7eb1f431c38a

    Download Submit