Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

e1e0f578f1...16.exe

windows7-x64

3

e1e0f578f1...16.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    141s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    27/03/2024, 14:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    e1e0f578f12f34122ab5edd0f8ad0516.exe

  • Size

    325KB

  • MD5

    e1e0f578f12f34122ab5edd0f8ad0516

  • SHA1

    d37efb900970a4707c2c051fcff6fc96bc354958

  • SHA256

    dd23b26b9745b8b2f4b99b75fad73036ebccf6620d9725626a3dc7b746f06e83

  • SHA512

    0dcf3a985b95bdf1520c32ba8cad6f593910995df4d801c3ec277eae253363319cb49a6712c92e1e3a30f9726beb1794acab591b9e272c6f2f23d9c0b455456e

  • SSDEEP

    6144:B8nMF2idZecnl20lHRxp3gzI8qQpuCwRtzGazUVdUXxbNtpXS5cuFjWOE4c:WsF3Z4mxxSCQ4/GaadUh7xAddc

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\e1e0f578f12f34122ab5edd0f8ad0516.exe
    "C:\Users\Admin\AppData\Local\Temp\e1e0f578f12f34122ab5edd0f8ad0516.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2812
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 2812 -s 156
      2⤵
      • Program crash
      PID:1896

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2812-1-0x0000000000280000-0x00000000002D4000-memory.dmp

    Filesize

    336KB

    Download

  • memory/2812-0-0x0000000000400000-0x000000000045A000-memory.dmp

    Filesize

    360KB

    Download

  • memory/2812-2-0x00000000003B0000-0x00000000003B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2812-6-0x00000000002E0000-0x00000000002E1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2812-5-0x00000000002F0000-0x00000000002F1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2812-4-0x00000000003E0000-0x00000000003E1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2812-3-0x0000000000390000-0x0000000000391000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2812-8-0x00000000003C0000-0x00000000003C1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2812-7-0x00000000003D0000-0x00000000003D1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2812-9-0x0000000003180000-0x0000000003181000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2812-10-0x00000000003F0000-0x00000000003F1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2812-11-0x0000000003170000-0x0000000003171000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2812-12-0x0000000001ED0000-0x0000000001ED1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2812-14-0x0000000001F00000-0x0000000001F01000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2812-16-0x0000000000570000-0x0000000000571000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2812-18-0x0000000001EE0000-0x0000000001EE1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2812-20-0x0000000000590000-0x0000000000591000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2812-19-0x0000000002220000-0x0000000002221000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2812-17-0x0000000001EF0000-0x0000000001EF1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2812-15-0x0000000000580000-0x0000000000581000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2812-13-0x0000000001EB0000-0x0000000001EB1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2812-21-0x0000000002290000-0x0000000002291000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2812-23-0x0000000002250000-0x0000000002251000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2812-24-0x0000000002240000-0x0000000002241000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2812-25-0x00000000022B0000-0x00000000022B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2812-26-0x00000000022A0000-0x00000000022A1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2812-22-0x0000000002270000-0x0000000002271000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2812-27-0x0000000000560000-0x0000000000561000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2812-28-0x0000000000400000-0x000000000045A000-memory.dmp

    Filesize

    360KB

    Download

  • memory/2812-30-0x0000000000280000-0x00000000002D4000-memory.dmp

    Filesize

    336KB

    Download

  • memory/2812-31-0x0000000000560000-0x0000000000561000-memory.dmp

    Filesize

    4KB

    Download