Analysis

  • max time kernel: 148s
  • max time network: 152s
  • platform: windows10-2004_x64
  • resource: win10v2004-20240226-en
  • resource tags: arch:x64, arch:x86, image:win10v2004-20240226-en, locale:en-us, os:windows10-2004-x64, system
  • submitted: 28/02/2024, 18:33 UTC

General

  • Target: 7a5d78e65df0d55b114ab4a6da208f7f678f497629422bb4f3a415cf5794ef82.exe
  • Size: 804KB
  • MD5: 86d951cc4c64513b59dc128b4c7f3ae5
  • SHA1: dee1b61c7b1c5e27343186eb603f527b3511d743
  • SHA256: 7a5d78e65df0d55b114ab4a6da208f7f678f497629422bb4f3a415cf5794ef82
  • SHA512: 357906c83a5f05ef710844145e20f9c4427dffe580b436ecae91d8d4172c1a3177533c18277b746ce0f85e8d58885933b2795824f912dd7b711861f69d3bffad
  • SSDEEP: 6144:uhad38nxEGE72ZgLrsKia4qGH1lgHDuQy9uvwWMHx31ByXa2mR7g29PR:uhadGxEGPQtLGH1lgHDty9uIRHx3iKj

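Before acting on any finding in this report, confirm that the file you hold is the file that was analysed. The following is an added example, not code from the tria.ge page: it recomputes the four digests listed above and compares them with the report's values. The digests are copied from the page; the file path is an assumption (the sample is not distributed with the report), and SSDEEP is left out because hashlib has no ssdeep implementation.

```python
"""Verify a local file against the hashes listed in the tria.ge report.

Added example, not part of the tria.ge page. REPORT_HASHES is copied from
the report; the default path in __main__ is a placeholder for the file you
actually hold.
"""
import hashlib

# Digests as listed on the report page (hex, lowercase).
REPORT_HASHES = {
    "md5": "86d951cc4c64513b59dc128b4c7f3ae5",
    "sha1": "dee1b61c7b1c5e27343186eb603f527b3511d743",
    "sha256": "7a5d78e65df0d55b114ab4a6da208f7f678f497629422bb4f3a415cf5794ef82",
    "sha512": "357906c83a5f05ef710844145e20f9c4427dffe580b436ecae91d8d4172c1a31"
              "77533c18277b746ce0f85e8d58885933b2795824f912dd7b711861f69d3bffad",
}


def digest_bytes(data: bytes) -> dict:
    """Compute every digest named in REPORT_HASHES for an in-memory blob."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORT_HASHES}


def digest_file(path: str, chunk_size: int = 1 << 20) -> dict:
    """Same digests, streamed so a large sample is never fully loaded."""
    hashers = {name: hashlib.new(name) for name in REPORT_HASHES}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def compare(actual: dict, expected: dict = REPORT_HASHES) -> dict:
    """Per-algorithm verdict. Case-insensitive because tools differ in hex case.

    A mismatch in any single algorithm means this is not the analysed file,
    whatever the other algorithms say.
    """
    return {name: actual.get(name, "").lower() == value.lower()
            for name, value in expected.items()}


def matches_report(actual: dict, expected: dict = REPORT_HASHES) -> bool:
    """True only when every listed digest agrees."""
    return all(compare(actual, expected).values())


if __name__ == "__main__":
    import sys
    # Placeholder path: pass the path of the file you hold as argv[1].
    path = sys.argv[1] if len(sys.argv) > 1 else \
        "7a5d78e65df0d55b114ab4a6da208f7f678f497629422bb4f3a415cf5794ef82.exe"
    verdict = compare(digest_file(path))
    for name, ok in verdict.items():
        print(f"{name:7s} {'OK' if ok else 'MISMATCH'}")
    sys.exit(0 if all(verdict.values()) else 1)
```

Run it as `python verify_hashes.py <file>`; a non-zero exit means at least one digest differs and the report does not describe that file.
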
Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx (4 IoCs). SetWindowsHookEx installs Windows message hooks; the API is used by ordinary GUI software as well as by keyloggers, so on its own it is a weak indicator, consistent with the 1/10 score.

Processes

  • C:\Users\Admin\AppData\Local\Temp\7a5d78e65df0d55b114ab4a6da208f7f678f497629422bb4f3a415cf5794ef82.exe
    Command line: "C:\Users\Admin\AppData\Local\Temp\7a5d78e65df0d55b114ab4a6da208f7f678f497629422bb4f3a415cf5794ef82.exe"
    PID: 4368 (root of the process tree; the only process recorded)
    Signature hits: Suspicious use of SetWindowsHookEx

Network

DNS queries. Every query went to 8.8.8.8:53. "sample" in the Process column is 7a5d78e65df0d55b114ab4a6da208f7f678f497629422bb4f3a415cf5794ef82.exe; rows with an empty Process column are queries the page does not attribute to any process. Answer hostnames had their dots stripped by extraction and are restored here.

  #   Query                         Type  Process  Answer
  1   shuipiao3.top                 A     sample   96.43.110.142
  2   9.228.82.20.in-addr.arpa      PTR            (none)
  3   178.178.17.96.in-addr.arpa    PTR            a96-17-178-178.deploy.static.akamaitechnologies.com
  4   41.110.16.96.in-addr.arpa     PTR            a96-16-110-41.deploy.static.akamaitechnologies.com
  5   183.59.114.20.in-addr.arpa    PTR            (none)
  6   15.164.165.52.in-addr.arpa    PTR            (none)
  7   0.205.248.87.in-addr.arpa     PTR            https-87-248-205-0.lgw.llnw.net
  8   194.178.17.96.in-addr.arpa    PTR            a96-17-178-194.deploy.static.akamaitechnologies.com
  9   shuipiao3.top                 A     sample   96.43.110.142
  10  23.236.111.52.in-addr.arpa    PTR            (none)
  11  181.178.17.96.in-addr.arpa    PTR            a96-17-178-181.deploy.static.akamaitechnologies.com
  12  shuipiao3.top                 A     sample   96.43.110.142
  13  12.173.189.20.in-addr.arpa    PTR            (none)

Connections. Byte and packet counts are sent then received, as listed on the page. For the first two rows the page gives only two figures each; they are placed under Sent and Pkts sent on the assumption that the received columns were empty, and cells the page leaves blank are left blank here.

  Destination         Domain                       Proto  Process  Sent   Recv   Pkts sent  Pkts recv
  96.43.110.142:1152  shuipiao3.top                       sample   1.8kB         35
  20.231.121.79:80                                                 46 B          1
  8.8.8.8:53          shuipiao3.top                dns    sample   59 B   75 B   1          1
  8.8.8.8:53          9.228.82.20.in-addr.arpa     dns             70 B   156 B  1          1
  8.8.8.8:53          178.178.17.96.in-addr.arpa   dns             72 B   137 B  1          1
  8.8.8.8:53          41.110.16.96.in-addr.arpa    dns             71 B   135 B  1          1
  8.8.8.8:53          183.59.114.20.in-addr.arpa   dns             72 B   158 B  1          1
  8.8.8.8:53          15.164.165.52.in-addr.arpa   dns             72 B   146 B  1          1
  8.8.8.8:53          0.205.248.87.in-addr.arpa    dns             71 B   116 B  1          1
  8.8.8.8:53          194.178.17.96.in-addr.arpa   dns             72 B   137 B  1          1
  8.8.8.8:53          shuipiao3.top                dns    sample   59 B   75 B   1          1
  8.8.8.8:53          23.236.111.52.in-addr.arpa   dns             72 B   158 B  1          1
  8.8.8.8:53          181.178.17.96.in-addr.arpa   dns             72 B   137 B  1          1
  8.8.8.8:53          shuipiao3.top                dns    sample   59 B   75 B   1          1
  8.8.8.8:53          12.173.189.20.in-addr.arpa   dns             72 B   158 B  1          1

The only network activity the page attributes to the sample's process is the three A lookups for shuipiao3.top and the connection to 96.43.110.142:1152; the PTR lookups carry no process and, where they resolve at all, point at Akamai and Limelight CDN hostnames, so they should not be treated as indicators for this sample.

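To hunt for the observables above in your own telemetry, match on the domain and on the IP:port independently, and drop reverse lookups rather than letting them pollute the indicator list. The following is an added example, not code from the tria.ge page: the indicator values are taken from the network section, but the log lines are constructed for the example in a simplified tab-separated layout (ts, src, query, qtype, answers for DNS; ts, src, dst, dport, proto for connections) that is an assumption, not a real collector's schema, and the hosts 10.0.0.x, www.example.com and cdn.example.net are hypothetical.

```python
"""Match this report's network observables against DNS and connection logs.

Added example, not code from the tria.ge page. Indicators come from the
report; the log layout and the sample lines are constructed here.
"""
from dataclasses import dataclass

# Observables the report attributes to the sample's process.
C2_DOMAIN = "shuipiao3.top"
C2_IP = "96.43.110.142"
C2_PORT = 1152


@dataclass
class DnsRecord:
    ts: float
    src: str
    query: str
    qtype: str
    answers: list


@dataclass
class ConnRecord:
    ts: float
    src: str
    dst: str
    dport: int
    proto: str

    @property
    def port_matches(self) -> bool:
        """True when the destination port is the one the sandbox saw."""
        return self.dport == C2_PORT


def is_reverse_lookup(qname: str) -> bool:
    """PTR zones; the report lists these without a process, so treat as noise."""
    return qname.lower().rstrip(".").endswith((".in-addr.arpa", ".ip6.arpa"))


def parse_dns(lines):
    """Assumed layout: ts, src, query, qtype, comma-joined answers or '-'."""
    records = []
    for line in lines:
        if not line.strip() or line.startswith("#"):
            continue
        ts, src, query, qtype, answers = line.rstrip("\n").split("\t")
        records.append(DnsRecord(float(ts), src, query, qtype,
                                 [] if answers == "-" else answers.split(",")))
    return records


def parse_conn(lines):
    """Assumed layout: ts, src, dst, dport, proto."""
    records = []
    for line in lines:
        if not line.strip() or line.startswith("#"):
            continue
        ts, src, dst, dport, proto = line.rstrip("\n").split("\t")
        records.append(ConnRecord(float(ts), src, dst, int(dport), proto))
    return records


def find_iocs(dns_lines, conn_lines):
    """Return the DNS and connection records that touch the report's observables.

    A DNS record matches on the query name or on the C2 IP appearing in its
    answers, which also catches another domain resolving to the same server;
    reverse lookups are skipped. A connection matches on destination IP alone
    so a re-used port is still surfaced, with port_matches marking exact hits.
    """
    dns_hits = [
        r for r in parse_dns(dns_lines)
        if not is_reverse_lookup(r.query)
        and (r.query.lower().rstrip(".") == C2_DOMAIN or C2_IP in r.answers)
    ]
    conn_hits = [c for c in parse_conn(conn_lines) if c.dst == C2_IP]
    hosts = sorted({r.src for r in dns_hits} | {c.src for c in conn_hits})
    return {"dns": dns_hits, "conn": conn_hits, "hosts": hosts}


# Constructed sample logs (not captured traffic): 10.0.0.5 repeats the
# sandbox's behaviour, 10.0.0.9 reaches the C2 IP via another name and
# port, and the PTR lines mirror the unattributed lookups in the report.
SAMPLE_DNS_LOG = [
    "1709145200.1\t10.0.0.5\tshuipiao3.top\tA\t96.43.110.142",
    "1709145201.2\t10.0.0.5\t178.178.17.96.in-addr.arpa\tPTR\ta96-17-178-178.deploy.static.akamaitechnologies.com",
    "1709145202.0\t10.0.0.9\twww.example.com\tA\t93.184.216.34",
    "1709145203.4\t10.0.0.9\tcdn.example.net\tA\t96.43.110.142",
    "1709145204.0\t10.0.0.7\t9.228.82.20.in-addr.arpa\tPTR\t-",
]
SAMPLE_CONN_LOG = [
    "1709145200.5\t10.0.0.5\t96.43.110.142\t1152\ttcp",
    "1709145200.9\t10.0.0.5\t20.231.121.79\t80\ttcp",
    "1709145210.0\t10.0.0.9\t96.43.110.142\t443\ttcp",
]

if __name__ == "__main__":
    result = find_iocs(SAMPLE_DNS_LOG, SAMPLE_CONN_LOG)
    for r in result["dns"]:
        print(f"dns  {r.src} {r.query} -> {','.join(r.answers) or '-'}")
    for c in result["conn"]:
        print(f"conn {c.src} -> {c.dst}:{c.dport} exact_port={c.port_matches}")
    print("hosts:", ", ".join(result["hosts"]))
```

Matching the IP without the port is deliberate: a sandbox run shows one port on one day, and the same server is often reached on others; the port flag lets you rank exact hits first without discarding the rest.
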