Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

1

MEmu-setup...22.exe

windows7-x64

6

MEmu-setup...22.exe

windows10-2004-x64

6

Resubmissions

21/04/2024, 09:00

240421-kycqesga2z 6

22/03/2024, 09:35

240322-lkjggscg8w 10

Analysis

  • max time kernel
    840s
  • max time network
    841s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    21/04/2024, 09:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    MEmu-setup-abroad-sdk-20240322.exe

  • Size

    23.0MB

  • MD5

    f9ce897d93d4f77bca3cca8541a8addb

  • SHA1

    4ac5a68266c842fb997fd755c9d10d1975baa71f

  • SHA256

    89174acde0ea21562e6186847ba7d12aacd9b2b2132f456dd8335680daadd9a9

  • SHA512

    57ad25f1a3b1514e579fd9f61102d0e6ea42e32bb9371fa447ab6e8c4403a018ee5b1959f3038dd591c930ecc4b535abe6851693334a67542acb7877152b0a6a

  • SSDEEP

    393216:w95Rjktqn778Sd3o+83Jsv6tWKFdu9CwvUiPbKv647n+YlmYz:MRjkG7Iq3oOD2vegm0

Score
6/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Loads dropped DLL 3 IoCs
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of SetWindowsHookEx 9 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\MEmu-setup-abroad-sdk-20240322.exe
    "C:\Users\Admin\AppData\Local\Temp\MEmu-setup-abroad-sdk-20240322.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:2372

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\mds\mds.dll
    Filesize

    212KB

    MD5

    48f07e86c6d50f527d7fd5026a3fbe5c

    SHA1

    64184c950bc0622df2c8e7707d37fae566ee5722

    SHA256

    b1317206a12f105e28338fea33c5d1a66df07fb35586bb4e1727555bec90e71b

    SHA512

    9172b41d51643349cb0d755d1f90ffbe15cb7bd4ed80700d91c73f4afba17055f0488fd1d5858dea2843d545fd4752751d081dcf2117204cafe0f6fc3cf30c5d

    Download Submit

  • memory/2372-14-0x0000000004660000-0x00000000046A0000-memory.dmp

    Filesize

    256KB

    Download

  • memory/2372-19-0x00000000744C0000-0x00000000744FE000-memory.dmp

    Filesize

    248KB

    Download

  • memory/2372-18-0x0000000003E70000-0x0000000003EAE000-memory.dmp

    Filesize

    248KB

    Download

  • memory/2372-20-0x0000000073D00000-0x00000000743EE000-memory.dmp

    Filesize

    6.9MB

    Download

  • memory/2372-21-0x0000000004660000-0x00000000046A0000-memory.dmp

    Filesize

    256KB

    Download

  • memory/2372-22-0x0000000073D00000-0x00000000743EE000-memory.dmp

    Filesize

    6.9MB

    Download