Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

Furi-v1.7....up.exe

windows7-x64

7

Furi-v1.7....up.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    16s
  • max time network
    17s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    19/02/2024, 17:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Furi-v1.7.224_setup.exe

  • Size

    2.4MB

  • MD5

    4ed362570237991cb022b6fb2891ecad

  • SHA1

    6ea51a4ac786bc2f07630edc30e16bef209392f5

  • SHA256

    a895b7f41e5aa07cb7d518fd1bb6babe561fde29df3967e0b902f0dd99b9181a

  • SHA512

    1e4fafeb8e833774cfd7e425a9a8128137145f30ab20a0f5e2e07f9720c2c0d5884aec14237c50ce3f3aff28b2d68b0bf310c2d297f9712e75f2ca93f1df6911

  • SSDEEP

    49152:TBuZrEU72fsWatAZ/locFy86ABWWIh3Yz3ku9nrfo0N61SEeF54EY:VkLqfsWatAZ/locFypABWWIhifrfGSzY

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Furi-v1.7.224_setup.exe
    "C:\Users\Admin\AppData\Local\Temp\Furi-v1.7.224_setup.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2364
    • C:\Users\Admin\AppData\Local\Temp\is-3NVTH.tmp\Furi-v1.7.224_setup.tmp
      "C:\Users\Admin\AppData\Local\Temp\is-3NVTH.tmp\Furi-v1.7.224_setup.tmp" /SL5="$50150,1339392,0,C:\Users\Admin\AppData\Local\Temp\Furi-v1.7.224_setup.exe"
      2⤵
      • Executes dropped EXE
      PID:2204

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\is-3NVTH.tmp\Furi-v1.7.224_setup.tmp
    Filesize

    3.5MB

    MD5

    5508249936ab8b2d9c175228ef6ad43d

    SHA1

    f5ac4b4a7c25ba86f131dff11a044fdae91a8f58

    SHA256

    d502e298ff17bd911dd07cd587937435fddaf0ef38c5eed522499df84c52d275

    SHA512

    d144630b6c226e3533355e9d6622803d71d0bc5f1bf9ae2e3aa913b21d2d66796ca512897f7af9760e49ec6359f25f377aacd58032034d929f813ed48f0dd4fb

    Download Submit

  • memory/2204-8-0x00000000002C0000-0x00000000002C1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2204-10-0x0000000000400000-0x0000000000790000-memory.dmp

    Filesize

    3.6MB

    Download

  • memory/2364-1-0x0000000000400000-0x0000000000554000-memory.dmp

    Filesize

    1.3MB

    Download

  • memory/2364-9-0x0000000000400000-0x0000000000554000-memory.dmp

    Filesize

    1.3MB

    Download