Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

f1fafa93a5...f5.exe

windows7-x64

7

f1fafa93a5...f5.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    148s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240412-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
  • submitted
    17/04/2024, 06:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f1fafa93a5a2763ea73375aad3369bcb851b7301146dbe2b9f9949b22f7094f5.exe

  • Size

    433KB

  • MD5

    77cd23afe8b3662766709102f1f21a81

  • SHA1

    ba63e8df39bfa15112e8fe53ff28b0569dd11fb5

  • SHA256

    f1fafa93a5a2763ea73375aad3369bcb851b7301146dbe2b9f9949b22f7094f5

  • SHA512

    fbda7df3c76dcc658b034b812896cb8f2352762636828fdd361c2e516abce52bb5ddc0881b335020fadced4b7772c0dc3289ae494e062d73109b54e03c2fd4b3

  • SSDEEP

    12288:Ci4g+yU+0pAiv+8VwY8/JhCYlgRNQrtUmsgven:Ci4gXn0pD+yn4JhC2pr1Pu

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f1fafa93a5a2763ea73375aad3369bcb851b7301146dbe2b9f9949b22f7094f5.exe
    "C:\Users\Admin\AppData\Local\Temp\f1fafa93a5a2763ea73375aad3369bcb851b7301146dbe2b9f9949b22f7094f5.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4252
    • C:\Users\Admin\AppData\Local\Temp\517B.tmp
      "C:\Users\Admin\AppData\Local\Temp\517B.tmp" --helpC:\Users\Admin\AppData\Local\Temp\f1fafa93a5a2763ea73375aad3369bcb851b7301146dbe2b9f9949b22f7094f5.exe DB6A02C8962E93EABE9133EE8FCBAD0364B82933BB48D694E7E9751B2C0235B76FB22237585F8847FA49E452BD2CEBF9F988BB3E09D25671A5C591ABEEC9C078
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:3020

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\517B.tmp
    Filesize

    433KB

    MD5

    0b5dfb9ac93d25d1c4b0cc995b465645

    SHA1

    6fe7640f3124f73b1063474f05af47359b02d5eb

    SHA256

    29ca3116f63eb5d885060c7d08091206d42eef501e7fff0c5e996f67a49a3b5d

    SHA512

    eed76fb8d171a133a3424d40e9ee1dd952c1bc5fb9526946a9f637d82eb4dc05cfaac4e4696b41abd84eb87e71e0c69beafcb99e51a058d98fdab9b175343e9a

    Download Submit