Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

Furi-v1.7....up.exe

windows7-x64

7

Furi-v1.7....up.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    24s
  • max time network
    25s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    19/02/2024, 17:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Furi-v1.7.224_setup.exe

  • Size

    2.4MB

  • MD5

    4ed362570237991cb022b6fb2891ecad

  • SHA1

    6ea51a4ac786bc2f07630edc30e16bef209392f5

  • SHA256

    a895b7f41e5aa07cb7d518fd1bb6babe561fde29df3967e0b902f0dd99b9181a

  • SHA512

    1e4fafeb8e833774cfd7e425a9a8128137145f30ab20a0f5e2e07f9720c2c0d5884aec14237c50ce3f3aff28b2d68b0bf310c2d297f9712e75f2ca93f1df6911

  • SSDEEP

    49152:TBuZrEU72fsWatAZ/locFy86ABWWIh3Yz3ku9nrfo0N61SEeF54EY:VkLqfsWatAZ/locFypABWWIhifrfGSzY

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Furi-v1.7.224_setup.exe
    "C:\Users\Admin\AppData\Local\Temp\Furi-v1.7.224_setup.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1632
    • C:\Users\Admin\AppData\Local\Temp\is-UGH32.tmp\Furi-v1.7.224_setup.tmp
      "C:\Users\Admin\AppData\Local\Temp\is-UGH32.tmp\Furi-v1.7.224_setup.tmp" /SL5="$70040,1339392,0,C:\Users\Admin\AppData\Local\Temp\Furi-v1.7.224_setup.exe"
      2⤵
      • Executes dropped EXE
      • Loads dropped DLL
      PID:2420

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\is-9JUVK.tmp\_isetup\_isdecmp.dll
    Filesize

    28KB

    MD5

    077cb4461a2767383b317eb0c50f5f13

    SHA1

    584e64f1d162398b7f377ce55a6b5740379c4282

    SHA256

    8287d0e287a66ee78537c8d1d98e426562b95c50f569b92cea9ce36a9fa57e64

    SHA512

    b1fcb0265697561ef497e6a60fcee99dc5ea0cf02b4010da9f5ed93bce88bdfea6bfe823a017487b8059158464ea29636aad8e5f9dd1e8b8a1b6eaaab670e547

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\is-UGH32.tmp\Furi-v1.7.224_setup.tmp
    Filesize

    3.5MB

    MD5

    5508249936ab8b2d9c175228ef6ad43d

    SHA1

    f5ac4b4a7c25ba86f131dff11a044fdae91a8f58

    SHA256

    d502e298ff17bd911dd07cd587937435fddaf0ef38c5eed522499df84c52d275

    SHA512

    d144630b6c226e3533355e9d6622803d71d0bc5f1bf9ae2e3aa913b21d2d66796ca512897f7af9760e49ec6359f25f377aacd58032034d929f813ed48f0dd4fb

    Download Submit

  • memory/1632-0-0x0000000000400000-0x0000000000554000-memory.dmp

    Filesize

    1.3MB

    Download

  • memory/1632-12-0x0000000000400000-0x0000000000554000-memory.dmp

    Filesize

    1.3MB

    Download

  • memory/2420-5-0x0000000002880000-0x0000000002881000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2420-13-0x0000000000400000-0x0000000000790000-memory.dmp

    Filesize

    3.6MB

    Download

  • memory/2420-16-0x0000000002880000-0x0000000002881000-memory.dmp

    Filesize

    4KB

    Download