Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

9864b0205f...9e.exe

windows7-x64

7

9864b0205f...9e.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    122s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    07/03/2024, 02:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9864b0205f8df10337c37eb1d8a32a9e.exe

  • Size

    435KB

  • MD5

    9864b0205f8df10337c37eb1d8a32a9e

  • SHA1

    3a35c06912113e9acde4d5480456f239e1a8b5bd

  • SHA256

    4e764dd15da5554b7ed05f0cdbbcc9e7a90183c52b7c89e9c8445a0e4761031a

  • SHA512

    1b346bd2f9a4e8d34baf1d914c368f26aa750262ca71879f82c45de637d2ec93bb3cdae5c0807d3a21e2e309623ba848aa37dbcf35719ef38fe7d5ab78455c25

  • SSDEEP

    6144:fJvyW4ojUnQjx4qePix+qXQjBYWOHdObBk+KRQNamlqUe129le6N29lfw9J:fd4x+ePixnXQjyHdOTKRQHmQl34wP

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\9864b0205f8df10337c37eb1d8a32a9e.exe
    "C:\Users\Admin\AppData\Local\Temp\9864b0205f8df10337c37eb1d8a32a9e.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:1936
    • C:\Users\Admin\AppData\Local\Temp\4846.tmp
      "C:\Users\Admin\AppData\Local\Temp\4846.tmp" --helpC:\Users\Admin\AppData\Local\Temp\9864b0205f8df10337c37eb1d8a32a9e.exe 8224CCBBEA134333A5BEFE5FFFBF96F8757EF458E1D2D30F995E0969A34F45F2F56015689BDA4930D0B8F55711CAF0775C2B7FA875878061DDA1C85629C1F020
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:1460

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\4846.tmp
    Filesize

    435KB

    MD5

    4bec2ae23a1fa035ccdaa450b966b83c

    SHA1

    26ce534e2088cae8397190b35ffbf7898a9f29ee

    SHA256

    52b0633cafbf6d8de66fe3638d66cf251b0ec8e990fbca70b68fb2fc915f1ca0

    SHA512

    763d2675bac332a9b7857f64bc3645d977a39e358dbc1c9220b15251cb369feb6b8b458cc307a129d452abffe7bb2fed2f21113f9bffe83a816680d8ea0219db

    Download Submit