Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

a322c96252...29.exe

windows7-x64

a322c96252...29.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    147s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240221-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240221-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25/02/2024, 06:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a322c96252d85b8b408def7646500029.exe

  • Size

    3.0MB

  • MD5

    a322c96252d85b8b408def7646500029

  • SHA1

    26f95f5273abbe7aa91c6615d7e113bedf9ee46e

  • SHA256

    088cbe4387c2b6f462bd57b0d72f0a9b5ccf114c81abd55be8050b47dcd54789

  • SHA512

    5634ef63724dd64f70cc3d87f87e760b7ffe79b14be41d7402d81eb42a3a0d83ad04b8a23346b4637e408065f390680533291a1e9fac2e6a49fa611901852adc

  • SSDEEP

    24576:+7QFRUm/rCYAj8pXU+Cz/rVCY4C05XU+Czvm/rCYAj8pXU+CzQYAj8pXU+Cz/rVD:EQFRHrmQG+yrV2F2+zrmQG+tQG+yrVXT

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SendNotifyMessage 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a322c96252d85b8b408def7646500029.exe
    "C:\Users\Admin\AppData\Local\Temp\a322c96252d85b8b408def7646500029.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1160
    • C:\Users\Admin\AppData\Local\Temp\scvbdx.exe
      C:\Users\Admin\AppData\Local\Temp\scvbdx.exe -run C:\Users\Admin\AppData\Local\Temp\a322c96252d85b8b408def7646500029.exe
      2⤵
      • Executes dropped EXE
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      • Suspicious use of SetWindowsHookEx
      PID:1084

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\scvbdx.exe
    Filesize

    3.5MB

    MD5

    72371c681f0961d8220454b2bc05e731

    SHA1

    59cf970cb43ca07709a774f86ed364a6b25fedc8

    SHA256

    47fe2a4659798675ede393a7f8dc7475816915d82ac2dba1049eca5a08e886f6

    SHA512

    caed45b1f1cd64888b0532b96fe9554b4bb0d913c82c17ff25e1fd624f2cc7c1b0e2ad3fea0d70a638eb6e059b10265c5541c9d34e28ace3f915a34ce6800ff1

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\scvbdx.exe
    Filesize

    3.6MB

    MD5

    2fc4cb255e512f57bf0a8741ba9a3c1d

    SHA1

    43f7e11971fa4a2205c213bac6b244cb02933c59

    SHA256

    21545060202fb4d04e8c417086a77ed74a68dd15f63a97a3762cc3c2c39c32d3

    SHA512

    9a166219b9162047ae2f54dc6bd55c8821d9a886345969c92fc850f629e407cc71c6af3bf562324ef87d1becba3b8fa39f5310873640f537666903ecb6014cde

    Download Submit

  • memory/1084-142-0x0000000000400000-0x0000000000536000-memory.dmp

    Filesize

    1.2MB

    Download

  • memory/1160-0-0x0000000000400000-0x0000000000536000-memory.dmp

    Filesize

    1.2MB

    Download

  • memory/1160-1-0x0000000002320000-0x0000000002370000-memory.dmp

    Filesize

    320KB

    Download

  • memory/1160-2-0x00000000024B0000-0x00000000024B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1160-3-0x0000000002470000-0x0000000002471000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1160-4-0x0000000000770000-0x0000000000771000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1160-5-0x0000000002490000-0x0000000002491000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1160-6-0x0000000000760000-0x0000000000761000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1160-9-0x0000000002DB0000-0x0000000002DB1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1160-8-0x00000000024C0000-0x00000000024C1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1160-7-0x0000000002480000-0x0000000002481000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1160-10-0x00000000024A0000-0x00000000024A1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1160-11-0x0000000002DA0000-0x0000000002DA2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1160-12-0x0000000002570000-0x0000000002571000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1160-13-0x0000000002530000-0x0000000002531000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1160-14-0x0000000002520000-0x0000000002521000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1160-15-0x0000000002550000-0x0000000002551000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1160-16-0x0000000002510000-0x0000000002511000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1160-17-0x0000000002540000-0x0000000002541000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1160-18-0x0000000002580000-0x0000000002581000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1160-19-0x0000000002590000-0x0000000002591000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1160-20-0x0000000002620000-0x0000000002621000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1160-21-0x00000000025E0000-0x00000000025E1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1160-22-0x00000000025D0000-0x00000000025D1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1160-23-0x0000000002600000-0x0000000002601000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1160-24-0x00000000025C0000-0x00000000025C1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1160-25-0x00000000025F0000-0x00000000025F1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1160-26-0x0000000002610000-0x0000000002611000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1160-27-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1160-28-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1160-29-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1160-31-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1160-30-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1160-32-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1160-33-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1160-34-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1160-35-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1160-36-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1160-37-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1160-38-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1160-39-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1160-41-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1160-42-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1160-40-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1160-43-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1160-44-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1160-45-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1160-47-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1160-46-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1160-48-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1160-49-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1160-51-0x0000000002500000-0x0000000002501000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1160-52-0x0000000002E40000-0x0000000002E41000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1160-55-0x0000000000740000-0x0000000000741000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1160-53-0x0000000002E50000-0x0000000002E51000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1160-54-0x00000000006E0000-0x00000000006E1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1160-50-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1160-59-0x0000000002E30000-0x0000000002E31000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1160-58-0x0000000002DC0000-0x0000000002DC1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1160-57-0x0000000002DD0000-0x0000000002DD1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1160-62-0x00000000027C0000-0x00000000027C6000-memory.dmp

    Filesize

    24KB

    Download

  • memory/1160-61-0x00000000027C0000-0x00000000027C1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1160-60-0x0000000002D90000-0x0000000002D96000-memory.dmp

    Filesize

    24KB

    Download

  • memory/1160-56-0x0000000002DE0000-0x0000000002DE1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1160-67-0x0000000000400000-0x0000000000536000-memory.dmp

    Filesize

    1.2MB

    Download

  • memory/1160-68-0x0000000002320000-0x0000000002370000-memory.dmp

    Filesize

    320KB

    Download