Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

24d679d78a...87.exe

windows7-x64

7

24d679d78a...87.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    117s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    05/07/2024, 01:08 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    24d679d78a767fd7d1000a18c34858f969bc1d1e07e62efa3c003586606e4687.exe

  • Size

    192KB

  • MD5

    b067f51fb68aeef97310ecb28494eb30

  • SHA1

    e02f7ce5ed5778ae0df670b9a114d6c2c60373a1

  • SHA256

    24d679d78a767fd7d1000a18c34858f969bc1d1e07e62efa3c003586606e4687

  • SHA512

    a3c748979c35fc419b697c961b8a1d04ccdd6e41ef5af53ba6db77554e102e6fd523a714d2fe29980e0de224b7b58151a9b158f1dd582486e3f86b11eebed35c

  • SSDEEP

    3072:baCd9Hchiv7m9OlD+t1SelA1CoHb3rNqvpPewXhCw3BDh:e49Gijm9OlDoPlA1CoN6Ywx53BDh

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of UnmapMainImage 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\24d679d78a767fd7d1000a18c34858f969bc1d1e07e62efa3c003586606e4687.exe
    "C:\Users\Admin\AppData\Local\Temp\24d679d78a767fd7d1000a18c34858f969bc1d1e07e62efa3c003586606e4687.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: RenamesItself
    • Suspicious use of WriteProcessMemory
    PID:3020
    • C:\Users\Admin\AppData\Local\Temp\24d679d78a767fd7d1000a18c34858f969bc1d1e07e62efa3c003586606e4687.exe
      C:\Users\Admin\AppData\Local\Temp\24d679d78a767fd7d1000a18c34858f969bc1d1e07e62efa3c003586606e4687.exe
      2⤵
      • Deletes itself
      • Executes dropped EXE
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of UnmapMainImage
      PID:1988

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\24d679d78a767fd7d1000a18c34858f969bc1d1e07e62efa3c003586606e4687.exe
    Filesize

    192KB

    MD5

    a5cfd660729d5556cbf83e60918e7040

    SHA1

    2ef4a620e916c03755b196948a92365e8d41a04d

    SHA256

    e1298d6e4e71f8760897b01002d932b60f37e4e1eea24fdc2681375b1d9b9b92

    SHA512

    6e1d9feece10d47017aee2219e0b33d38d52f2b244b2c1bdc093599f7f847292ad1e8e7cf09bd70df4c433f2f2461ba5e2476297a8a39d0c68bffd6a8518d193

    Download Submit

  • memory/1988-11-0x0000000000400000-0x000000000043C000-memory.dmp

    Filesize

    240KB

    Download

  • memory/1988-12-0x0000000000400000-0x0000000000415000-memory.dmp

    Filesize

    84KB

    Download

  • memory/1988-17-0x0000000000130000-0x000000000016C000-memory.dmp

    Filesize

    240KB

    Download

  • memory/3020-0-0x0000000000400000-0x000000000043C000-memory.dmp

    Filesize

    240KB

    Download

  • memory/3020-6-0x00000000000C0000-0x00000000000FC000-memory.dmp

    Filesize

    240KB

    Download

  • memory/3020-10-0x0000000000400000-0x000000000043C000-memory.dmp

    Filesize

    240KB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.