Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

bee5f2fad8...02.exe

windows7-x64

7

bee5f2fad8...02.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    140s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    10/03/2024, 14:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bee5f2fad8536de09059278ee803b902.exe

  • Size

    9.4MB

  • MD5

    bee5f2fad8536de09059278ee803b902

  • SHA1

    869dcf08ef1f5d9fe23ef56986eec4c3d5041b65

  • SHA256

    7c25dac4fd97ac041aee989706ee614a2bf91f45f4ea4239898ed5d60d4cc52b

  • SHA512

    fd322f6b5016f316f74d0b5d6cfa8e2f3328852cf0818fd58864b57e757240bec6047a38a09b3f1d3e483227d11612eb14e2ab7b63b3bdf5e1f1c64f6b101964

  • SSDEEP

    49152:EQFRHrmQG+wrmQG+brmQG+CQrmQG+wrxQG+CQrmQG+wrHIQG+wrJmQG+brmQG+CI:EcKOvpxZpxgYvpx62vpxdEvpx

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SendNotifyMessage 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\bee5f2fad8536de09059278ee803b902.exe
    "C:\Users\Admin\AppData\Local\Temp\bee5f2fad8536de09059278ee803b902.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:5044
    • C:\Users\Admin\AppData\Local\Temp\usk.exe
      C:\Users\Admin\AppData\Local\Temp\usk.exe -run C:\Users\Admin\AppData\Local\Temp\bee5f2fad8536de09059278ee803b902.exe
      2⤵
      • Executes dropped EXE
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      • Suspicious use of SetWindowsHookEx
      PID:4532

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\usk.exe
    Filesize

    1.3MB

    MD5

    18d0181c83717d157ccf0e7b25364eb1

    SHA1

    bd68e4141beb5866a11a9efcb7e5409ea7e6a8a5

    SHA256

    c1e2d9324fbbfcb40e1c2f9be6427bb5eb49ab0f77934bf720a28241d90f1fa4

    SHA512

    112e6e8ee6dca591f940838d5782dbc8a410757d704f56a1b538c42b07ec97e434f027184e91377f983af76ced03157026d671bce79296a960f3b0d096dae47b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\usk.exe
    Filesize

    1.9MB

    MD5

    d7771d390e0b9dd8f4b6b3ef9da6868b

    SHA1

    8d78ddc0423ca10ab92e3ac183ad0b53057ff567

    SHA256

    50bdf5b4dea342d6060a67ad6e476ee9b91f0b321392ee00149aab320fa8934c

    SHA512

    cde073348f370495b0077d93a34796107c6c756e44585a723c8bc785be951fa19bdb66b7b73d3e53e1dab588f9319f241cc83d9d4877c6121073150ec88d62ae

    Download Submit

  • memory/4532-56-0x0000000004F80000-0x0000000004F9B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/4532-43-0x0000000002AD0000-0x0000000002AD1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4532-66-0x0000000004F80000-0x0000000004F9B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/4532-65-0x0000000004F80000-0x0000000004F9B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/4532-63-0x0000000004F80000-0x0000000004F9B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/4532-64-0x0000000004F80000-0x0000000004F9B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/4532-62-0x0000000004F80000-0x0000000004F9B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/4532-61-0x0000000004F80000-0x0000000004F9B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/4532-60-0x0000000004F80000-0x0000000004F9B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/4532-59-0x0000000004F80000-0x0000000004F9B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/4532-58-0x0000000004F80000-0x0000000004F9B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/4532-54-0x0000000004F80000-0x0000000004F9B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/4532-67-0x0000000004F80000-0x0000000004F9B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/4532-68-0x0000000004F80000-0x0000000004F9B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/4532-57-0x0000000004F80000-0x0000000004F9B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/4532-53-0x0000000004F80000-0x0000000004F9B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/4532-52-0x0000000004F80000-0x0000000004F9B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/4532-51-0x0000000004F80000-0x0000000004F81000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4532-50-0x0000000004F80000-0x0000000004F81000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4532-49-0x0000000004F80000-0x0000000004F81000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4532-46-0x0000000003D00000-0x0000000003D01000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4532-47-0x0000000004F80000-0x0000000004F81000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4532-48-0x0000000004F80000-0x0000000004F81000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4532-45-0x0000000000400000-0x0000000000536000-memory.dmp

    Filesize

    1.2MB

    Download

  • memory/4532-55-0x0000000004F80000-0x0000000004F9B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/4532-44-0x0000000002CB0000-0x0000000002CB1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4532-116-0x0000000000400000-0x0000000000536000-memory.dmp

    Filesize

    1.2MB

    Download

  • memory/5044-18-0x0000000002530000-0x0000000002531000-memory.dmp

    Filesize

    4KB

    Download

  • memory/5044-21-0x0000000002620000-0x0000000002621000-memory.dmp

    Filesize

    4KB

    Download

  • memory/5044-32-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/5044-34-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/5044-40-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/5044-39-0x0000000000400000-0x0000000000536000-memory.dmp

    Filesize

    1.2MB

    Download

  • memory/5044-30-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/5044-42-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/5044-41-0x0000000002300000-0x0000000002350000-memory.dmp

    Filesize

    320KB

    Download

  • memory/5044-29-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/5044-38-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/5044-35-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/5044-28-0x0000000002D90000-0x0000000002D96000-memory.dmp

    Filesize

    24KB

    Download

  • memory/5044-27-0x0000000002610000-0x0000000002611000-memory.dmp

    Filesize

    4KB

    Download

  • memory/5044-26-0x00000000025F0000-0x00000000025F1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/5044-25-0x00000000025C0000-0x00000000025C1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/5044-24-0x0000000002600000-0x0000000002601000-memory.dmp

    Filesize

    4KB

    Download

  • memory/5044-23-0x00000000025D0000-0x00000000025D1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/5044-22-0x00000000025E0000-0x00000000025E1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/5044-31-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/5044-20-0x0000000002580000-0x0000000002581000-memory.dmp

    Filesize

    4KB

    Download

  • memory/5044-19-0x0000000002570000-0x0000000002571000-memory.dmp

    Filesize

    4KB

    Download

  • memory/5044-0-0x0000000000400000-0x0000000000536000-memory.dmp

    Filesize

    1.2MB

    Download

  • memory/5044-17-0x0000000002500000-0x0000000002501000-memory.dmp

    Filesize

    4KB

    Download

  • memory/5044-16-0x0000000002540000-0x0000000002541000-memory.dmp

    Filesize

    4KB

    Download

  • memory/5044-15-0x0000000002510000-0x0000000002511000-memory.dmp

    Filesize

    4KB

    Download

  • memory/5044-12-0x0000000002560000-0x0000000002561000-memory.dmp

    Filesize

    4KB

    Download

  • memory/5044-13-0x0000000002520000-0x0000000002521000-memory.dmp

    Filesize

    4KB

    Download

  • memory/5044-11-0x0000000002DA0000-0x0000000002DA2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/5044-10-0x00000000024A0000-0x00000000024A1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/5044-9-0x0000000002DB0000-0x0000000002DB1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/5044-8-0x00000000024C0000-0x00000000024C1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/5044-7-0x0000000002480000-0x0000000002481000-memory.dmp

    Filesize

    4KB

    Download

  • memory/5044-6-0x0000000002450000-0x0000000002451000-memory.dmp

    Filesize

    4KB

    Download

  • memory/5044-5-0x0000000002490000-0x0000000002491000-memory.dmp

    Filesize

    4KB

    Download

  • memory/5044-4-0x0000000002460000-0x0000000002461000-memory.dmp

    Filesize

    4KB

    Download

  • memory/5044-3-0x0000000002470000-0x0000000002471000-memory.dmp

    Filesize

    4KB

    Download

  • memory/5044-2-0x00000000024B0000-0x00000000024B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/5044-1-0x0000000002300000-0x0000000002350000-memory.dmp

    Filesize

    320KB

    Download