Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

084f9ba4c0...45.exe

windows7-x64

7

084f9ba4c0...45.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    147s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06/03/2024, 17:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    084f9ba4c047668690fdcaf1d9518d77454e8653cb3d6ab5b9407acc5755d945.exe

  • Size

    819KB

  • MD5

    5a8e1724bea3fbc05af3d5b3619f527e

  • SHA1

    b702dea37a8f977e2d946c311c89bef59a6e67a6

  • SHA256

    084f9ba4c047668690fdcaf1d9518d77454e8653cb3d6ab5b9407acc5755d945

  • SHA512

    c6820a4a32a5689fc769865d0deb3cba2d358f13a543b0d29fe0d31db563a7aa84f8afde7b6d419cf1e699b5ee2044bea89312baa169583c8dbec8bd26fbc158

  • SSDEEP

    24576:Kui4rB93oPp+E8YvaKR97cmYvaKRqCr9HldAHJ:xPn3oPp+E8Yv53cmYv5nrdAH

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\084f9ba4c047668690fdcaf1d9518d77454e8653cb3d6ab5b9407acc5755d945.exe
    "C:\Users\Admin\AppData\Local\Temp\084f9ba4c047668690fdcaf1d9518d77454e8653cb3d6ab5b9407acc5755d945.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4940
    • C:\Users\Admin\AppData\Local\Temp\5EF8.tmp
      "C:\Users\Admin\AppData\Local\Temp\5EF8.tmp" --pingC:\Users\Admin\AppData\Local\Temp\084f9ba4c047668690fdcaf1d9518d77454e8653cb3d6ab5b9407acc5755d945.exe 87333B9BED7FF0BDA910AE78FA55DFB0EADE09FD8124C33D7794990F38DEE52AD6E022633CDB20D4CF77F2D6706D59D804E5F9B049B447584CF2DA75DD5C2771
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:4744

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\5EF8.tmp
    Filesize

    819KB

    MD5

    035809fa16acfb83ae554240f7f96de5

    SHA1

    b6e33746acf8cde0f067b343afdf77bd1fc77f63

    SHA256

    170710db8efa4239f5ea1ffca3d5b5401435df703aa931af4a8e15490769b9ba

    SHA512

    401e6369b34b79f4559716bb82df43a3e6a1174838361f5bfa682eea60881b1bf92334d188b929f62c35c4107d21342ba7238b4955f9d52eae063ed1403694e4

    Download Submit