Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

c8140a8941...36.exe

windows7-x64

7

c8140a8941...36.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    135s
  • max time network
    125s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    14/03/2024, 07:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c8140a8941812d6f5ab0235bb0467036.exe

  • Size

    1.9MB

  • MD5

    c8140a8941812d6f5ab0235bb0467036

  • SHA1

    877d2ed7adb512848be94b74a4a22b6d19556447

  • SHA256

    1a463693f9e2538a45b9edd43a2cfdd512f3e2a0e2d86eb295f3b477236dc2b6

  • SHA512

    850b0986dd787fd889f3b39bfcf8a15448a4710bcf05a7f71b34b0add84ffac4f7cdd84e523bb79808071c9d68a7ff44049a1eb463e722e943c48c3e698227bc

  • SSDEEP

    49152:Qoa1taC070dH/a08I7hJn2asD+My/0r30FJ+MSEHiH:Qoa1taC0cS08wrRsDM/b0a0

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c8140a8941812d6f5ab0235bb0467036.exe
    "C:\Users\Admin\AppData\Local\Temp\c8140a8941812d6f5ab0235bb0467036.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1492
    • C:\Users\Admin\AppData\Local\Temp\4CC8.tmp
      "C:\Users\Admin\AppData\Local\Temp\4CC8.tmp" --splashC:\Users\Admin\AppData\Local\Temp\c8140a8941812d6f5ab0235bb0467036.exe 39905CCD8A3202B0DD449885B410B5B683AEFADFE6FFD42E017E2D4E45F7B35A54675765346CF2BFD2B8DC256AC2DFEF433487D91BCD2DA096079D13D116F294
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:1936

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\4CC8.tmp
    Filesize

    1.9MB

    MD5

    94dfba863eb086d291f0dc53e673a336

    SHA1

    21ea32470d486fea4929792811be4303bd7456e9

    SHA256

    a4fe8503461d35fee87c1dea043a3d35bf56389a03ffae4e94258982c3c92e3f

    SHA512

    3099474f81e41b66d59b55a00b65a4e4d652d3ea3744481128c7b0b9d610dc29d355b0367b1d6f45868e65e390c3425be1d5d3b95dba793dd3422dacfd541b93

    Download Submit

  • memory/1492-0-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download

  • memory/1936-5-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download