Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

157afa8d60...b3.exe

windows7-x64

7

157afa8d60...b3.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    146s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240221-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240221-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25/02/2024, 01:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    157afa8d60632441bf73b7210cd508b3.exe

  • Size

    9.1MB

  • MD5

    157afa8d60632441bf73b7210cd508b3

  • SHA1

    2e7edca4de98b2fa0aa35572144f6002499e3c37

  • SHA256

    f30fda52cd5b3e5ec820c55a5c8dbe629426b95cabd6e839f34a40c790361da3

  • SHA512

    c7c849b99aff37d501ee285819948b1be013acd4674ad8a7743cda39e825ca2d354ecee12c1756169778de117774492b5f8588faecc2bd07243b01fb1e2bbfb3

  • SSDEEP

    196608:15IaysIFjJQMy+ofSsmWmvdsCnc84njQthsiHzy7kJbDohZQ/:7WjJe+oovaCncdnKhs57WbD

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 20 IoCs
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\157afa8d60632441bf73b7210cd508b3.exe
    "C:\Users\Admin\AppData\Local\Temp\157afa8d60632441bf73b7210cd508b3.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4552
    • C:\Users\Admin\AppData\Local\Temp\157afa8d60632441bf73b7210cd508b3.exe
      "C:\Users\Admin\AppData\Local\Temp\157afa8d60632441bf73b7210cd508b3.exe"
      2⤵
      • Loads dropped DLL
      PID:4916

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI45522\MSVCP140.dll
    Filesize

    558KB

    MD5

    bf78c15068d6671693dfcdfa5770d705

    SHA1

    4418c03c3161706a4349dfe3f97278e7a5d8962a

    SHA256

    a88b8c1c8f27bf90fe960e0e8bd56984ad48167071af92d96ec1051f89f827fb

    SHA512

    5b6b0ab4e82cc979eaa619d387c6995198fd19aa0c455bef44bd37a765685575d57448b3b4accd70d3bd20a6cd408b1f518eda0f6dae5aa106f225bee8291372

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI45522\VCRUNTIME140.dll
    Filesize

    94KB

    MD5

    a87575e7cf8967e481241f13940ee4f7

    SHA1

    879098b8a353a39e16c79e6479195d43ce98629e

    SHA256

    ded5adaa94341e6c62aea03845762591666381dca30eb7c17261dd154121b83e

    SHA512

    e112f267ae4c9a592d0dd2a19b50187eb13e25f23ded74c2e6ccde458bcdaee99f4e3e0a00baf0e3362167ae7b7fe4f96ecbcd265cc584c1c3a4d1ac316e92f0

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI45522\VCRUNTIME140_1.dll
    Filesize

    36KB

    MD5

    37c372da4b1adb96dc995ecb7e68e465

    SHA1

    6c1b6cb92ff76c40c77f86ea9a917a5f854397e2

    SHA256

    1554b5802968fdb2705a67cbb61585e9560b9e429d043a5aa742ef3c9bbfb6bf

    SHA512

    926f081b1678c15dc649d7e53bfbe98e4983c9ad6ccdf11c9383ca1d85f2a7353d5c52bebf867d6e155ff897f4702fc4da36a8f4cf76b00cb842152935e319a6

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI45522\_brotli.cp310-win_amd64.pyd
    Filesize

    861KB

    MD5

    6d44fd95c62c6415999ebc01af40574b

    SHA1

    a5aee5e107d883d1490257c9702913c12b49b22a

    SHA256

    58bacb135729a70102356c2d110651f1735bf40a602858941e13bdeabfacab4a

    SHA512

    59b6c07079f979ad4a27ec394eab3fdd2d2d15d106544246fe38f4eb1c9e12672f11d4a8efb5a2a508690ce2677edfac85eb793e2f6a5f8781b258c421119ff3

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI45522\_bz2.pyd
    Filesize

    78KB

    MD5

    bcf0d58a4c415072dae95db0c5cc7db3

    SHA1

    8ce298b7729c3771391a0decd82ab4ae8028c057

    SHA256

    d7faf016ef85fdbb6636f74fc17afc245530b1676ec56fc2cc756fe41cd7bf5a

    SHA512

    c54d76e50f49249c4e80fc6ce03a5fdec0a79d2ff0880c2fc57d43227a1388869e8f7c3f133ef8760441964da0bf3fc23ef8d3c3e72ce1659d40e8912cb3e9bc

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI45522\_ctypes.pyd
    Filesize

    116KB

    MD5

    41a9708af86ae3ebc358e182f67b0fb2

    SHA1

    accab901e2746f7da03fab8301f81a737b6cc180

    SHA256

    0bd4ed11f2fb097f235b62eb26a00c0cb16815bbf90ab29f191af823a9fed8cf

    SHA512

    835f9aa33fdfbb096c31f8ac9a50db9fac35918fc78bce03dae55ea917f738a41f01aee4234a5a91ffa5bdbbd8e529399205592eb0cae3224552c35c098b7843

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI45522\_hashlib.pyd
    Filesize

    58KB

    MD5

    f63da7f9a4e64148255e9d3885e7a008

    SHA1

    756dc192e7b2932df147c48f05ec5e38e9aa06e6

    SHA256

    fa0bb4bf93a6739ce5ade6a7a69272bbc1227d09c7afc1c027d6cea41141bcc6

    SHA512

    23d06def20c3668613392a02832777b27ad5353e1dc246316043b606890445d195a1066fca65300a5d429319aa2ae2505f9fa3a5ab0f97aba2717b64aaa07e8d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI45522\_lzma.pyd
    Filesize

    150KB

    MD5

    ba3797d77b4b1f3b089a73c39277b343

    SHA1

    364a052731cfe40994c6fef4c51519f7546cd0b1

    SHA256

    f904b02720b6498634fc045e3cc2a21c04505c6be81626fe99bdb7c12cc26dc6

    SHA512

    5688ae25405ae8c5491898c678402c7a62ec966a8ec77891d9fd397805a5cfcf02d7ae8e2aa27377d65e6ce05b34a7ffdedf3942a091741af0d5bce41628bf7d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI45522\_queue.pyd
    Filesize

    26KB

    MD5

    e6bb918cc02cd270bad449875577427c

    SHA1

    5b22420ae4170858a6a2aa04a54adc26b9a8051c

    SHA256

    2d8b41dad8a8506870e6f2e2a5856c6c6c68a219f18bd88ad79c63cfa1366b1f

    SHA512

    b19353e0df213525c466d5cb80f362ab1a22eaf9940f742b59df1c2842e49594db87a5119289dca616fdfa3e808c7ceb26906e0ff8723afc80af768496faca9c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI45522\_socket.pyd
    Filesize

    73KB

    MD5

    79c2ff05157ef4ba0a940d1c427c404e

    SHA1

    17da75d598deaa480cdd43e282398e860763297b

    SHA256

    f3e0e2f3e70ab142e7ce1a4d551c5623a3317fb398d359e3bd8e26d21847f707

    SHA512

    f91fc9c65818e74ddc08bbe1ccea49f5f60d6979bc27e1cdb2ef40c2c8a957bd3be7aea5036394abab52d51895290d245fd5c9f84cc3cc554597ae6f85c149e1

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI45522\_ssl.pyd
    Filesize

    152KB

    MD5

    1ed0ef72a40268e300a611ba4ab20dfd

    SHA1

    4d04d5911a6ed422308ea11d7b15821af8f62585

    SHA256

    5860fe208122219a4071cc369d5001edc3b08c13bd96156abd1375e35401acd0

    SHA512

    f72ea051ed50a09561414fc41d837c03ce44be9d8e4c39f59133dd8a092c9f13fc942c58dc8517edc149caa3bf7d94fa6bdbe88cabc8cb3c6a02428676572f3e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI45522\base_library.zip
    Filesize

    812KB

    MD5

    eb130a9177f630bc33d7e510ed81d9d2

    SHA1

    c33dae854285d5367e8c87899e1a168abeca8d18

    SHA256

    987165c5cc33442df85d8ab8c3f66e2805070e0b526801b88434f48ed04b3a2f

    SHA512

    17feb5a3468a4883730fb17251ac7604c9ba376ce871ebbf4a034144626a63caf415bc6bed6cfca518b37c9840231cfdfccc17ca4833b3ef23b32499444b8474

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI45522\certifi\cacert.pem
    Filesize

    259KB

    MD5

    ea4ee2af66c4c57b8a275867e9dc07cd

    SHA1

    d904976736e6db3c69c304e96172234078242331

    SHA256

    fa883829ebb8cd2a602f9b21c1f85de24cf47949d520bceb1828b4cd1cb6906c

    SHA512

    4114105f63e72b54e506d06168b102a9130263576200fb21532140c0e9936149259879ac30a8b78f15ae7cb0b59b043db5154091312da731ac16e67e6314c412

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI45522\cryptography\hazmat\bindings\_rust.pyd
    Filesize

    1.8MB

    MD5

    4da297b15026197ab45cb5eadd60d2df

    SHA1

    dac6196e00a505f79156975866c7ca9389ac07ee

    SHA256

    fdc01f1c3eb583f060c8cc2be5753da86b55c5672174ba2ee9876e1bbcd54856

    SHA512

    c3cc8ba8fead48a6d58bb8e35e9f2c656c2c3433e1bd8cd4eb8726e9e9644345bdd2599a95b82111cff6d9d74c48bc6db7e91594dd5bc92d865a104ececc2aec

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI45522\libcrypto-1_1.dll
    Filesize

    3.3MB

    MD5

    63c756d74c729d6d24da2b8ef596a391

    SHA1

    7610bb1cbf7a7fdb2246be55d8601af5f1e28a00

    SHA256

    17d0f4c13c213d261427ee186545b13ef0c67a99fe7ad12cd4d7c9ec83034ac8

    SHA512

    d9cf045bb1b6379dd44f49405cb34acf8570aed88b684d0ab83af571d43a0d8df46d43460d3229098bd767dd6e0ef1d8d48bc90b9040a43b5469cef7177416a2

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI45522\libffi-7.dll
    Filesize

    32KB

    MD5

    eef7981412be8ea459064d3090f4b3aa

    SHA1

    c60da4830ce27afc234b3c3014c583f7f0a5a925

    SHA256

    f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081

    SHA512

    dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI45522\libssl-1_1.dll
    Filesize

    681KB

    MD5

    86556da811797c5e168135360acac6f2

    SHA1

    42d868fc25c490db60030ef77fba768374e7fe03

    SHA256

    a594fc6fa4851b3095279f6dc668272ee975e7e03b850da4945f49578abe48cb

    SHA512

    4ba4d6bfff563a3f9c139393da05321db160f5ae8340e17b82f46bcaf30cbcc828b2fc4a4f86080e4826f0048355118ef21a533def5e4c9d2496b98951344690

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI45522\python3.dll
    Filesize

    60KB

    MD5

    c38e9571f33898eb9f3da53dc29b512f

    SHA1

    5be348c829b6dfa008d0dd239414ad388e5d7ace

    SHA256

    70596aea8c5ca8f3bf88e46a0606522413b50208ec9fcc6b706f7a064cf83b79

    SHA512

    1704be273e3485013282c269fc974558683204639fccfb46e6eb640c64a0769a21572a07ee62fe1d5eb1eed4d1419f2293d6e4fd8193caafe128c6d66bd48f6e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI45522\python310.dll
    Filesize

    4.2MB

    MD5

    c6c37b848273e2509a7b25abe8bf2410

    SHA1

    b27cfbd31336da1e9b1f90e8f649a27154411d03

    SHA256

    b7a7f3707beab109b66de3e340e3022dd83c3a18f444feb9e982c29cf23c29b8

    SHA512

    222ad791304963a4b8c1c6055e02c0c4c47fce2bb404bd4f89c022ff9706e29ca6fa36c72350fbf296c8a0e3e48e3756f969c003dd1eb056cd026efe0b7eba40

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI45522\select.pyd
    Filesize

    25KB

    MD5

    431464c4813ed60fbf15a8bf77b0e0ce

    SHA1

    9825f6a8898e38c7a7ddc6f0d4b017449fb54794

    SHA256

    1f56df23a36132f1e5be4484582c73081516bee67c25ef79beee01180c04c7f0

    SHA512

    53175384699a7bb3b93467065992753b73d8f3a09e95e301a1a0386c6a1224fa9ed8fa42c99c1ffbcfa6377b6129e3db96e23750e7f23b4130af77d14ac504a0

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI45522\unicodedata.pyd
    Filesize

    1.1MB

    MD5

    d1182ba27939104010b6313c466d49ff

    SHA1

    7870134f41ba5333294c927dbd77d3f740ac87e7

    SHA256

    1ac171f51cc87f268617b4a635b2331d5991d987d32bb206dd4e38033449c052

    SHA512

    ef26a2c8b0094792e10ceabbf4d11724a9368d96f888240581a15d7a551754c1484f6b2ed1b963a73b686495c7952d9cb940021028d4f230b0b47d0794607d0f

    Download Submit