Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

c8140a8941...36.exe

windows7-x64

7

c8140a8941...36.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
  • submitted
    14/03/2024, 07:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c8140a8941812d6f5ab0235bb0467036.exe

  • Size

    1.9MB

  • MD5

    c8140a8941812d6f5ab0235bb0467036

  • SHA1

    877d2ed7adb512848be94b74a4a22b6d19556447

  • SHA256

    1a463693f9e2538a45b9edd43a2cfdd512f3e2a0e2d86eb295f3b477236dc2b6

  • SHA512

    850b0986dd787fd889f3b39bfcf8a15448a4710bcf05a7f71b34b0add84ffac4f7cdd84e523bb79808071c9d68a7ff44049a1eb463e722e943c48c3e698227bc

  • SSDEEP

    49152:Qoa1taC070dH/a08I7hJn2asD+My/0r30FJ+MSEHiH:Qoa1taC0cS08wrRsDM/b0a0

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c8140a8941812d6f5ab0235bb0467036.exe
    "C:\Users\Admin\AppData\Local\Temp\c8140a8941812d6f5ab0235bb0467036.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2924
    • C:\Users\Admin\AppData\Local\Temp\1239.tmp
      "C:\Users\Admin\AppData\Local\Temp\1239.tmp" --splashC:\Users\Admin\AppData\Local\Temp\c8140a8941812d6f5ab0235bb0467036.exe 14895B5387F70D7CCE145D029EFE83DC824BC3C4B8AF8DBE7609318803EDA41BAC881C32A393188832507D587CAA31E621EFCB24A6E383688E08C44DBD3D0286
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2988

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\1239.tmp
    Filesize

    1.9MB

    MD5

    36ee66454ce6297e0ebd252d813a4c5e

    SHA1

    5f07ec33c7fbbe835584c7b53afc56173313bc6b

    SHA256

    57a0e2f1db85227516455a053f0680f48ba258cc02509c0c86d7062b4d26c5bd

    SHA512

    7273efc7a02ba0636cdf8d60a5aefca54017e3eb80f3ae8fea331e1083393d10b98ef8b03fb13ed64e0019bba6d841a82bc72d1af790f2a7ea0e4bb258962df3

    Download Submit

  • memory/2924-0-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download

  • memory/2988-6-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download