Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

f793707851...b3.exe

windows7-x64

7

f793707851...b3.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    07/06/2024, 09:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f793707851093e856c0d32bed082e52f23223f62fcfca4b6550eb6e045471eb3.exe

  • Size

    5.4MB

  • MD5

    10244f7d8e89b9116b41741b63bdfa36

  • SHA1

    e81bedde03dd7ad61f8add5ac568cbf1a0c6ad16

  • SHA256

    f793707851093e856c0d32bed082e52f23223f62fcfca4b6550eb6e045471eb3

  • SHA512

    121c3d1edc8f124d639e4007505d116226a2bee00c757fe910fe596c4557c99f577deaa1d492a5818c4e0ac0156a8e90fe4cc886c8727bdedfa4ab4a402d6e2c

  • SSDEEP

    98304:emhd1Uryei0AGu312qoZBGV7wQqZUha5jtSyZIUh:elEr31BoZBG2QbaZtliU

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f793707851093e856c0d32bed082e52f23223f62fcfca4b6550eb6e045471eb3.exe
    "C:\Users\Admin\AppData\Local\Temp\f793707851093e856c0d32bed082e52f23223f62fcfca4b6550eb6e045471eb3.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2976
    • C:\Users\Admin\AppData\Local\Temp\273F.tmp
      "C:\Users\Admin\AppData\Local\Temp\273F.tmp" --splashC:\Users\Admin\AppData\Local\Temp\f793707851093e856c0d32bed082e52f23223f62fcfca4b6550eb6e045471eb3.exe 14450EF4D68DEEDF4FCB10E38B08BAEAA4B561B849FBA71C57D6DDB29BEE27B97162B542096E68AEF87C29DE2D3B3457AAC3F14EBB5E210B25F3D9CCBEA93830
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2848

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\273F.tmp
    Filesize

    5.4MB

    MD5

    ecf7d59f602a3c216ad9f3aaecd3f4ab

    SHA1

    aa2561083a3c75ab9305d3e0c34e6779fe9e610e

    SHA256

    ecf3b5d79cf011cde0518235102283dabf28a3e1a0c805394bf5ee250dc88488

    SHA512

    21063900b14b86b9f4107785ca121d3c5fb50079d3a095fc08cd1f8cb36bb928ff47018ebc6e0ffbd9beca0177497c8a929429d82cca4b5a5eda9ebf51c8ce6a

    Download Submit

  • memory/2848-9-0x0000000000400000-0x0000000000849000-memory.dmp

    Filesize

    4.3MB

    Download

  • memory/2976-0-0x0000000000400000-0x0000000000849000-memory.dmp

    Filesize

    4.3MB

    Download