Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

549fcdd493...e4.exe

windows7-x64

7

549fcdd493...e4.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    141s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    22/05/2024, 21:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    549fcdd493b68105b4f992a78c9949fee3a519b1e6cd2dd1a098ba7eb61641e4.exe

  • Size

    9.2MB

  • MD5

    c0774f59fba4635cb9a8defff7af48a9

  • SHA1

    e8133d8cfb7914b341da444327e795216f27c42d

  • SHA256

    549fcdd493b68105b4f992a78c9949fee3a519b1e6cd2dd1a098ba7eb61641e4

  • SHA512

    12a77d2029da72b72a63ca3a7f1a1a36096fd8b5d673080be098bd3eddff186cc04987fb01abfe50a71401bd6cd2723115494e6c15920e14eb3204983b638687

  • SSDEEP

    196608:kj2R7czUEDSzimFkOD7lf1hfrm4hNYAZuDA2nRjgowZSNxhDkD0hDOn:kjXczX5D/Ph3cZRcsRCoDw

Score
7/10
discoveryupx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\549fcdd493b68105b4f992a78c9949fee3a519b1e6cd2dd1a098ba7eb61641e4.exe
    "C:\Users\Admin\AppData\Local\Temp\549fcdd493b68105b4f992a78c9949fee3a519b1e6cd2dd1a098ba7eb61641e4.exe"
    1⤵
      PID:612

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Roaming\MeldaProduction\SystemFonts.cache
      Filesize

      173B

      MD5

      3d82cf268db29ac8059ac5093f7608b5

      SHA1

      974f15f946c7e71a92dc90b6710df1153f48e198

      SHA256

      b379448466ee7073f54060e991f6dcad37ab55774c05fb14f4f11caf71588d49

      SHA512

      7ddbae223bfa51338dbc10fdbeef52c23d65aece84eab969f7a642abd63756d8f708e35b9d34b5852dc46101027e2758e0edec90d21851796fc5eac6424d47c7

      Download Submit

    • memory/612-0-0x0000000001330000-0x0000000001978000-memory.dmp

      Filesize

      6.3MB

      Download

    • memory/612-15-0x0000000001330000-0x0000000001978000-memory.dmp

      Filesize

      6.3MB

      Download