Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

a0cfe661d1...7b.exe

windows7-x64

7

a0cfe661d1...7b.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    150s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    24/02/2024, 03:19 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a0cfe661d13ff7c16052f0ca41e31e7b.exe

  • Size

    294KB

  • MD5

    a0cfe661d13ff7c16052f0ca41e31e7b

  • SHA1

    11332d161291f44fc5ba1871cd841814e859972f

  • SHA256

    793b6b6e1d394a6067ec48e20d177413621ff8ac8b2ba622a0584393faac93bd

  • SHA512

    b9f627d90f67761a01fd69554ce12e3374831b2a00faa36258ab27aa505b73aa68ff3f2ff5a353a95f97a3ca8da0e507f99ebdfdfcd96f95fe33b73fa72b100c

  • SSDEEP

    6144:dB0D4ZiDCC98YgIG9zdFHf2H7nYMDl7K2YyHi0+oSot3U:daD4ZieSgp/FeH75J7CceoSopU

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 3 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 3 IoCs
    adwarespyware
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a0cfe661d13ff7c16052f0ca41e31e7b.exe
    "C:\Users\Admin\AppData\Local\Temp\a0cfe661d13ff7c16052f0ca41e31e7b.exe"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    PID:936

Network

  • flag-us
    DNS
    sbk-x.softonic.fr
    a0cfe661d13ff7c16052f0ca41e31e7b.exe
    Remote address:
    8.8.8.8:53
    Request
    sbk-x.softonic.fr
    IN A
    Response
    sbk-x.softonic.fr
    IN A
    35.233.77.94
  • flag-be
    GET
    http://sbk-x.softonic.fr/universaldownloader-prefetch
    a0cfe661d13ff7c16052f0ca41e31e7b.exe
    Remote address:
    35.233.77.94:80
    Request
    GET /universaldownloader-prefetch HTTP/1.1
    Accept: */*
    User-Agent: Softonic Downloader/1.34.1
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    Host: sbk-x.softonic.fr
    Connection: Keep-Alive
    Response
    HTTP/1.1 308 Permanent Redirect
    Date: Sat, 24 Feb 2024 03:19:15 GMT
    Content-Type: text/html
    Content-Length: 164
    Connection: keep-alive
    Location: https://sbk-x.softonic.fr/universaldownloader-prefetch
  • flag-be
    GET
    http://sbk-x.softonic.fr/universaldownloader-prefetch
    a0cfe661d13ff7c16052f0ca41e31e7b.exe
    Remote address:
    35.233.77.94:80
    Request
    GET /universaldownloader-prefetch HTTP/1.1
    Accept: */*
    User-Agent: Softonic Downloader/1.34.1
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    Host: sbk-x.softonic.fr
    Connection: Keep-Alive
    Response
    HTTP/1.1 308 Permanent Redirect
    Date: Sat, 24 Feb 2024 03:21:15 GMT
    Content-Type: text/html
    Content-Length: 164
    Connection: keep-alive
    Location: https://sbk-x.softonic.fr/universaldownloader-prefetch
  • 35.233.77.94:80
    http://sbk-x.softonic.fr/universaldownloader-prefetch
    http
    a0cfe661d13ff7c16052f0ca41e31e7b.exe
    486 B
     996 B
     6
    6

    HTTP Request

    GET http://sbk-x.softonic.fr/universaldownloader-prefetch

    HTTP Response

    308
  • 35.233.77.94:80
    http://sbk-x.softonic.fr/universaldownloader-prefetch
    http
    a0cfe661d13ff7c16052f0ca41e31e7b.exe
    394 B
     916 B
     4
    4

    HTTP Request

    GET http://sbk-x.softonic.fr/universaldownloader-prefetch

    HTTP Response

    308
  • 8.8.8.8:53
    sbk-x.softonic.fr
    dns
    a0cfe661d13ff7c16052f0ca41e31e7b.exe
    63 B
     79 B
     1
    1

    DNS Request

    sbk-x.softonic.fr

    DNS Response

    35.233.77.94

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/936-0-0x0000000000400000-0x00000000004D6000-memory.dmp

    Filesize

    856KB

    Download

  • memory/936-1-0x0000000000400000-0x00000000004D6000-memory.dmp

    Filesize

    856KB

    Download

  • memory/936-12-0x0000000000400000-0x00000000004D6000-memory.dmp

    Filesize

    856KB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.