Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

3

bd6a9a4a03...66.exe

windows7-x64

6

bd6a9a4a03...66.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    148s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    25/04/2024, 02:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bd6a9a4a033da7fe8d9eff04a297ed95db1a22e65e284128c66d026367aabd66.exe

  • Size

    965KB

  • MD5

    0c554abf829b35d3846bd02f4af0a914

  • SHA1

    2b886ebb445411480b987486171238ac080afdea

  • SHA256

    bd6a9a4a033da7fe8d9eff04a297ed95db1a22e65e284128c66d026367aabd66

  • SHA512

    fa60c61ad7679a796309296655d2ebc49051e4bf81b2057a71093ea53b818b9e81a3786e3c83347e3baf3bb08848ec69d4373785a8964ed18dd18f6d1cda51e4

  • SSDEEP

    12288:i2ToLD2QfWUEknSsmjj/UVF4TNSzURcXdaTjMVJK1P5aEL3/fxyhxoeVsc:ikuPfWsnnw/UV+NSzURcAMVcRaq2v1

Score
6/10
persistence

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Suspicious behavior: RenamesItself 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\bd6a9a4a033da7fe8d9eff04a297ed95db1a22e65e284128c66d026367aabd66.exe
    "C:\Users\Admin\AppData\Local\Temp\bd6a9a4a033da7fe8d9eff04a297ed95db1a22e65e284128c66d026367aabd66.exe"
    1⤵
    • Adds Run key to start application
    • Suspicious behavior: RenamesItself
    PID:1196

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\bd6a9a4a033da7fe8d9eff04a297ed95db1a22e65e284128c66d026367aabd66.exe
    Filesize

    965KB

    MD5

    4e2208d899e7fbd12cd8b09a4f38ad11

    SHA1

    7186be04d50ce22188dd2c52367b6f80e5c0d568

    SHA256

    d82eef04b007572b2400db4519e4b8638b4de7d91d6168f7a1d82c11f55be3cb

    SHA512

    0f0f8a35b91fd45455fc0e7090903469748d8bb8cb64f991dfb1d2a6bf71742e3907355782459b2ec78254f21bc1076abbaef8e42a055a0657ae40197984a145

    Download Submit

  • memory/1196-13-0x0000000000040000-0x0000000000139000-memory.dmp

    Filesize

    996KB

    Download

  • memory/1196-15-0x0000000000040000-0x0000000000139000-memory.dmp

    Filesize

    996KB

    Download

  • memory/1196-3-0x0000000000040000-0x0000000000139000-memory.dmp

    Filesize

    996KB

    Download

  • memory/1196-9-0x0000000000040000-0x0000000000139000-memory.dmp

    Filesize

    996KB

    Download

  • memory/1196-10-0x00000000003B0000-0x00000000003B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1196-11-0x0000000000040000-0x0000000000139000-memory.dmp

    Filesize

    996KB

    Download

  • memory/1196-4-0x0000000000040000-0x0000000000139000-memory.dmp

    Filesize

    996KB

    Download

  • memory/1196-12-0x0000000000040000-0x0000000000139000-memory.dmp

    Filesize

    996KB

    Download

  • memory/1196-14-0x0000000000040000-0x0000000000139000-memory.dmp

    Filesize

    996KB

    Download

  • memory/1196-2-0x00000000003B0000-0x00000000003B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1196-16-0x0000000000040000-0x0000000000139000-memory.dmp

    Filesize

    996KB

    Download

  • memory/1196-17-0x0000000000040000-0x0000000000139000-memory.dmp

    Filesize

    996KB

    Download

  • memory/1196-18-0x0000000000040000-0x0000000000139000-memory.dmp

    Filesize

    996KB

    Download

  • memory/1196-19-0x0000000000040000-0x0000000000139000-memory.dmp

    Filesize

    996KB

    Download

  • memory/1196-20-0x0000000000040000-0x0000000000139000-memory.dmp

    Filesize

    996KB

    Download

  • memory/1196-21-0x0000000000040000-0x0000000000139000-memory.dmp

    Filesize

    996KB

    Download