Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

503561caee...38.exe

windows7-x64

7

503561caee...38.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    117s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    24/02/2024, 01:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    503561caee4d9fd257760cd3e9aa3f38.exe

  • Size

    27.1MB

  • MD5

    503561caee4d9fd257760cd3e9aa3f38

  • SHA1

    358be75ec88b849d45a2822de5f853a86f6dd86a

  • SHA256

    cf68134de97b2f6aed41bcd465740bad9e979106755c6af6c9b9a837d4abac99

  • SHA512

    0205bb4721e7731a56450b10b048f168ebdd47d3e1acc57c9bf67a6dfba72bb7d26013fc0532682ba4b1ae13ef187f35209bf42386be8fd1334d6d253becf6f2

  • SSDEEP

    786432:A9Z9lQ3XJO28pwoumktRLXW829JJE9iC:ivlQ3XJOXpStZW39TE9iC

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\503561caee4d9fd257760cd3e9aa3f38.exe
    "C:\Users\Admin\AppData\Local\Temp\503561caee4d9fd257760cd3e9aa3f38.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1964
    • C:\Users\Admin\AppData\Local\Temp\503561caee4d9fd257760cd3e9aa3f38.exe
      "C:\Users\Admin\AppData\Local\Temp\503561caee4d9fd257760cd3e9aa3f38.exe"
      2⤵
      • Loads dropped DLL
      PID:1928

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI19642\python311.dll
    Filesize

    1.3MB

    MD5

    2ecc76da1c85dec1b696e019e65cfe07

    SHA1

    5679ad39a60e2149250da786e606413da595d235

    SHA256

    afbfd0f5dc97d09d1848c23da2a5ddf31a8c3467e4632264617f8dd8038e9152

    SHA512

    7b5a6d6f33b679fc7f8446ccca0cc52bf43273c199ae604a031fb47f273eb6ced07ce879a718c1c3b41134d2168404f6dedd646a8279af68d5f93d0816ed7890

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI19642\python311.dll
    Filesize

    1.6MB

    MD5

    3dd0106692cf70ebb898671664b1b04b

    SHA1

    9fd22817b4f687f878cddc04f0f955fcb2067e65

    SHA256

    becedcfa1bf1ba7180ee631225d51a1a185d61e4d457a8520a26495c4be50efd

    SHA512

    25157f860feb999abdf577a5b3685ebfdf509d73102d050369d5122b9ad2191b20ce0385ff912604f1719ff243d18f4a145eceb786edae3c168756c0d10b2c49

    Download Submit

  • memory/1928-1088-0x000007FEF58F0000-0x000007FEF5ED9000-memory.dmp

    Filesize

    5.9MB

    Download