Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

157afa8d60...b3.exe

windows7-x64

7

157afa8d60...b3.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    119s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    25/02/2024, 01:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    157afa8d60632441bf73b7210cd508b3.exe

  • Size

    9.1MB

  • MD5

    157afa8d60632441bf73b7210cd508b3

  • SHA1

    2e7edca4de98b2fa0aa35572144f6002499e3c37

  • SHA256

    f30fda52cd5b3e5ec820c55a5c8dbe629426b95cabd6e839f34a40c790361da3

  • SHA512

    c7c849b99aff37d501ee285819948b1be013acd4674ad8a7743cda39e825ca2d354ecee12c1756169778de117774492b5f8588faecc2bd07243b01fb1e2bbfb3

  • SSDEEP

    196608:15IaysIFjJQMy+ofSsmWmvdsCnc84njQthsiHzy7kJbDohZQ/:7WjJe+oovaCncdnKhs57WbD

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\157afa8d60632441bf73b7210cd508b3.exe
    "C:\Users\Admin\AppData\Local\Temp\157afa8d60632441bf73b7210cd508b3.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2036
    • C:\Users\Admin\AppData\Local\Temp\157afa8d60632441bf73b7210cd508b3.exe
      "C:\Users\Admin\AppData\Local\Temp\157afa8d60632441bf73b7210cd508b3.exe"
      2⤵
      • Loads dropped DLL
      PID:2540

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI20362\python310.dll
    Filesize

    1.6MB

    MD5

    e3cdf647c6091c58d49233776b528ca8

    SHA1

    376b6f6dd07dc37d9c6307a1c8757b423293d6dd

    SHA256

    7ac2ece62bf727a08f2a71324fc16bbc3b391b821af753e681a7727b376c0c85

    SHA512

    7b796a56396a8dce37c91081948f222de2c22bd2bf1ece3bd957a768c1265393099519c25d5ccc0f00931924d889a180ff261de6e0cdf5cedd8932e3801a7715

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI20362\python310.dll
    Filesize

    4.2MB

    MD5

    c6c37b848273e2509a7b25abe8bf2410

    SHA1

    b27cfbd31336da1e9b1f90e8f649a27154411d03

    SHA256

    b7a7f3707beab109b66de3e340e3022dd83c3a18f444feb9e982c29cf23c29b8

    SHA512

    222ad791304963a4b8c1c6055e02c0c4c47fce2bb404bd4f89c022ff9706e29ca6fa36c72350fbf296c8a0e3e48e3756f969c003dd1eb056cd026efe0b7eba40

    Download Submit