Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

161274daed...e6.exe

windows7-x64

7

161274daed...e6.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags

    arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
  • submitted
    28/04/2024, 18:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    161274daed12f112c462e802da7b817275996d071b79d3546a8cd0b42a5023e6.exe

  • Size

    416KB

  • MD5

    86b2944ddf2530bbff846f83cb7b50c3

  • SHA1

    cec74d7071b44f214d4a2c06737cee869da984b5

  • SHA256

    161274daed12f112c462e802da7b817275996d071b79d3546a8cd0b42a5023e6

  • SHA512

    fe2138969c0976f157e80774d6f63b0a6bf460d399b2680ea5c35083e6ddfd0a50e031d027337d06d061aef333e0acd499907825576ccdbe9fc0fefce83d9561

  • SSDEEP

    6144:QQIagQx6AipNYyVBmX55q5QB26bH3V40saiigCD4H2cHwXWzYpk+mFAH46WKc:Q2DipVwJ5NhVQ5zCD4TyWwiFAH4jKc

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of UnmapMainImage 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\161274daed12f112c462e802da7b817275996d071b79d3546a8cd0b42a5023e6.exe
    "C:\Users\Admin\AppData\Local\Temp\161274daed12f112c462e802da7b817275996d071b79d3546a8cd0b42a5023e6.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: RenamesItself
    • Suspicious use of WriteProcessMemory
    PID:1576
    • C:\Users\Admin\AppData\Local\Temp\161274daed12f112c462e802da7b817275996d071b79d3546a8cd0b42a5023e6.exe
      C:\Users\Admin\AppData\Local\Temp\161274daed12f112c462e802da7b817275996d071b79d3546a8cd0b42a5023e6.exe
      2⤵
      • Deletes itself
      • Executes dropped EXE
      • Suspicious use of UnmapMainImage
      PID:3056

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\161274daed12f112c462e802da7b817275996d071b79d3546a8cd0b42a5023e6.exe
    Filesize

    416KB

    MD5

    1f54b9353fc17a425986ac0d334c348f

    SHA1

    adc8c87c1ea1e50500c7455f7d79e96f870380d8

    SHA256

    291904efa782ffd47de99a78f519036532dede939713b4f7a04bb431f1cce6c3

    SHA512

    4a2abbd0d6d8fb692e5d214e2f8d15d198a59b70471bae44ac0cfc54d2c368ecbbcee004aec6564374bf77e06c7f8dfeebe9820a41122a04af7791e5af74807d

    Download Submit

  • memory/1576-0-0x0000000000400000-0x0000000000440000-memory.dmp

    Filesize

    256KB

    Download

  • memory/1576-6-0x00000000000C0000-0x0000000000100000-memory.dmp

    Filesize

    256KB

    Download

  • memory/1576-10-0x0000000000400000-0x0000000000440000-memory.dmp

    Filesize

    256KB

    Download

  • memory/3056-11-0x0000000000400000-0x0000000000440000-memory.dmp

    Filesize

    256KB

    Download

  • memory/3056-12-0x0000000000400000-0x000000000041A000-memory.dmp

    Filesize

    104KB

    Download

  • memory/3056-17-0x00000000001D0000-0x0000000000210000-memory.dmp

    Filesize

    256KB

    Download