Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

1d88e5e360...1a.exe

windows7-x64

7

1d88e5e360...1a.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    117s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
  • submitted
    04/07/2024, 01:13 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1d88e5e360459969c165abdb1670f71a.exe

  • Size

    15.3MB

  • MD5

    1d88e5e360459969c165abdb1670f71a

  • SHA1

    4acdad52c9889570197a2fa2cd59c943e57647f5

  • SHA256

    51f92e2913482e3706a215c2b6a217b616fa8323274fb1637ee9b8fdbd8cc615

  • SHA512

    a3986b65eb0b50f09031a6b59b36d54d7f9216189e441b4aea0ccf3c47da4fa62a2fb8c367a460f8b672ff9d412ede3ced4179bf2b784260a3ff235b27321fb5

  • SSDEEP

    393216:qTXaexG6bXCpS9c5hlERblh2pvAdZYyk0RrBGDHYdD60fz:uvxG6geEhk5QpvAdZkyczkOw

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1d88e5e360459969c165abdb1670f71a.exe
    "C:\Users\Admin\AppData\Local\Temp\1d88e5e360459969c165abdb1670f71a.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2944
    • C:\Users\Admin\AppData\Local\Temp\1d88e5e360459969c165abdb1670f71a.exe
      "C:\Users\Admin\AppData\Local\Temp\1d88e5e360459969c165abdb1670f71a.exe"
      2⤵
      • Loads dropped DLL
      PID:2588

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI29442\python39.dll
    Filesize

    4.3MB

    MD5

    11c051f93c922d6b6b4829772f27a5be

    SHA1

    42fbdf3403a4bc3d46d348ca37a9f835e073d440

    SHA256

    0eabf135bb9492e561bbbc5602a933623c9e461aceaf6eb1ceced635e363cd5c

    SHA512

    1cdec23486cffcb91098a8b2c3f1262d6703946acf52aa2fe701964fb228d1411d9b6683bd54527860e10affc0e3d3de92a6ecf2c6c8465e9c8b9a7304e2a4a6

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI29442\tkn-fx.exe.manifest
    Filesize

    1KB

    MD5

    0c4c150e001746af52da485109b08237

    SHA1

    30b9706440ae101400c89d6314d49004026fc93a

    SHA256

    585f62f7a11a07d2bd66252a91c66d54ca0442b8e477e37745dcd344d74049af

    SHA512

    c26e4a88306d4862b28b4bba493d9b7ae976a8dd393edbf92a8e661e79f1a9584efc6c7e829b84555cec77c5a5c0ad794d18df9ef037e6f4565b8554c82ddef4

    Download Submit

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.