Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

6e8bfb12e5...24.exe

windows7-x64

7

6e8bfb12e5...24.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    24/06/2024, 22:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6e8bfb12e5d51772b0eb816384eb5531a68ade56f0fda4bfe8735ee70999b024.exe

  • Size

    46KB

  • MD5

    f63695203479723d8ce8479c7c8d853a

  • SHA1

    083e4dc0125d79e26c4fc1c392d911475ea540ef

  • SHA256

    6e8bfb12e5d51772b0eb816384eb5531a68ade56f0fda4bfe8735ee70999b024

  • SHA512

    40cba85047b4963a68f66e0e164e001907191f9a73b6e0497ef33069847f7edf2019408a8d03f4ff41d96c7fea6f7225c9f88863d3ec273b5af1ad20dad302c1

  • SSDEEP

    768:Erza/swUy71CzrzlFQaRBYBTNZzzlRrdIwMSfHNGY3t3sHfn/Jq:EykwUyJ+vQaRBYNNZzzlRrdIwMSfHrtv

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Drops file in System32 directory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\6e8bfb12e5d51772b0eb816384eb5531a68ade56f0fda4bfe8735ee70999b024.exe
    "C:\Users\Admin\AppData\Local\Temp\6e8bfb12e5d51772b0eb816384eb5531a68ade56f0fda4bfe8735ee70999b024.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in System32 directory
    PID:3044
    • C:\WINDOWS\SysWOW64\rmass.exe
      "C:\WINDOWS\SysWOW64\rmass.exe"
      2⤵
      • Executes dropped EXE
      PID:2016

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Windows\SysWOW64\rmass.exe
    Filesize

    43KB

    MD5

    e637d144664dc2fd2b0fc60c2ce92f8b

    SHA1

    3d2b180ca28b772e94ad47f57fec8a36cb4ab041

    SHA256

    62dbc8435e8a6898408b945afa9c12b02b36ce506b5676c400fa1b66a8811ea3

    SHA512

    767c96bf550ffd193f27195a4665791a580e232cbef0f4fe81dd764a3258ae861bce82a2423e51cbcdb256879a98fa8ccb701d83d10a13d26a1b0433e611da25

    Download Submit

  • memory/3044-5-0x0000000000400000-0x0000000000403000-memory.dmp

    Filesize

    12KB

    Download