Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

3a4b101260...64.exe

windows7-x64

7

3a4b101260...64.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    118s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    07/03/2024, 19:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3a4b1012602d252174a2a2a81d7439715f1df131012df3dad29467d6b65f5664.exe

  • Size

    9.6MB

  • MD5

    727a8fcb7c46e291c4291972c78ad466

  • SHA1

    1f904d3f61a3b4be04ca2565ed31ebc6b380bfef

  • SHA256

    3a4b1012602d252174a2a2a81d7439715f1df131012df3dad29467d6b65f5664

  • SHA512

    742a97aaa0eb54f5375d82ed35b17869f5c7d0e44f095e40e0716fa3f44c27c23ebd42b41c6459ecc3eb89de144772fc7f9f398e0c3d0aa0e8b4e2f41b050d4d

  • SSDEEP

    196608:yC+hcVhQICteEroXxqENE+sKsXXg6ukIk9eHGhl+rDGN71zw8:dVaInEroXjsKkXg6u6sHkODGNX

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 7 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3a4b1012602d252174a2a2a81d7439715f1df131012df3dad29467d6b65f5664.exe
    "C:\Users\Admin\AppData\Local\Temp\3a4b1012602d252174a2a2a81d7439715f1df131012df3dad29467d6b65f5664.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2304
    • C:\Users\Admin\AppData\Local\Temp\3a4b1012602d252174a2a2a81d7439715f1df131012df3dad29467d6b65f5664.exe
      "C:\Users\Admin\AppData\Local\Temp\3a4b1012602d252174a2a2a81d7439715f1df131012df3dad29467d6b65f5664.exe"
      2⤵
      • Loads dropped DLL
      PID:2412

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI23042\api-ms-win-core-file-l1-2-0.dll
    Filesize

    18KB

    MD5

    9d8413744097196f92327f632a85acee

    SHA1

    dfc07f5e5a0634dd1f15fdc9ff9731748fbff919

    SHA256

    6878d8168d5cc159efe58f14e5ba10310d99b53ab8495521e54c966994dac50b

    SHA512

    a8f6e9ee1c5d65f68b8b20d406d3e666c186e15cb3b92575257b5637fe7dd5ac7d75e9ad51c839ba4490512f68f6b48822fc9edd316dd7625d3627d3b975fb2a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI23042\api-ms-win-core-file-l2-1-0.dll
    Filesize

    18KB

    MD5

    361c6bcfcea263749419b0fbed7a0ce8

    SHA1

    03db13108ce9d5fc01cecf3199619ffbccbd855a

    SHA256

    b74aefd6fa638be3f415165c8109121a2093597421101abc312ee7ffa1130278

    SHA512

    aa8b585000cc65f9841b938e4523d91d8f6db650e0b4bb11efd740c27309bf81cdb77f05d0beda2489bf26f4fbc6d02c93ce3b64946502e2c044eea89696cc76

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI23042\api-ms-win-core-localization-l1-2-0.dll
    Filesize

    21KB

    MD5

    b402ed77d6f31d825bda175dbc0c4f92

    SHA1

    1f2a4b8753b3aae225feac5487cc0011b73c0eb7

    SHA256

    6ed17fb3ca5156b39fbc1ef7d1eefa95e739857607de4cd8d41cecfcd1350705

    SHA512

    ec04013139f3fd9dbf22b92121d82b2eb97e136f8619790cde2d0b660280e838962f9006d3e4c3a359627b017f2b6ade7edff3bbc26e559c3de37540585602d9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI23042\api-ms-win-core-processthreads-l1-1-1.dll
    Filesize

    19KB

    MD5

    3d872be898581f00d0310d7ab9abaf2b

    SHA1

    420e0ab98bb748723130de414f0ffed117ef3f7e

    SHA256

    4de821884cbef4182b29d8c33cfe13e43e130ad58ee1281679e8d40a2edcb8ea

    SHA512

    35cfb9888a5f4299403a0d9c57f0ba79e3625431a9acc5e04ae2ae101b3dc521a0dcff5d4a1bf508b25dbf05dd432f6987d860ff494d15538ed95673a8b7376b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI23042\api-ms-win-core-timezone-l1-1-0.dll
    Filesize

    18KB

    MD5

    6c180c8de3ecf27de7a5812ff055737e

    SHA1

    3aad20b71bb374bb2c5f7431a1b75b60956a01fd

    SHA256

    630466fd77ac7009c947a8370a0d0c20652169824c54ddcb8c05e8df45e23197

    SHA512

    e4aa79eb2b6b3be9b545e8cb8b43cd6052036dc5cce7077be40441b9942931b30d76c475d550a178d4e94c9c366cabc852f500e482b7fdcd361fc2a08e41c00e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI23042\python310.dll
    Filesize

    4.3MB

    MD5

    316ce972b0104d68847ab38aba3de06a

    SHA1

    ca1e227fd7f1cfb1382102320dadef683213024b

    SHA256

    34f0e44a0d089587e1ea48c1cc4c3164a1819c6db27a7c1b746af46d6388c26e

    SHA512

    a11da6590a71d977c62b1c26c275763413f6a455e6d85fa052654d05d845dbbe8122bbd8e0a23887f9873d4291382ebbd5df19674ad2dda1cf0ff3206054939b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI23042\ucrtbase.dll
    Filesize

    1.1MB

    MD5

    185420a98824f7718dc5d8197e2b3471

    SHA1

    f083dcb3dea4b7aab4a110431274f9f4970dbc60

    SHA256

    6b817ec9874cd110a0b17ae89422bbe3362e3eadce91a5e66729801f57758ec4

    SHA512

    bc8cd1f08aba813475f6cc9290a99ab90071fc441373cb72dd35f4c497d8a0d565db28fc43765464e1d0dece052e6595ef2e93502ab3f715af05a38cbfe4aa88

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI23042\python310.dll
    Filesize

    4.1MB

    MD5

    0ab839805a76061ddce75a5faad1f766

    SHA1

    dd48baefc9e517fa313c2e3728a1e214b32dcf0a

    SHA256

    06a9509a02b6c7ec5a583d6eae30c199d9e81a15f8314d6e230e4a310c2d9f52

    SHA512

    49f67810479e140dc23c082f5ee31b6b36b92fbec142b3a3d12a72d95013f6f05af27aa5ff32ab3ae17e2652b00efbeafb6553f0ee2d0f6fe30710939a881dff

    Download Submit