Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    14s
  • max time network
    20s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    09/07/2024, 00:42

General

  • Target

    wavekey.exe

  • Size

    57.2MB

  • MD5

    0b450a010f0dab9c68c53fdfb8870d54

  • SHA1

    f3f0897a78ff80d8907fe4fc093d673fcb632f13

  • SHA256

    8b621fe08498b943f914105709b09d59fd8d4bb38fe7c06e19463c3613f444e5

  • SHA512

    26eeb139ffd7612a711bf6d4ab842d90da2fb73c78454711ba7db57772f045ad7e9a4753599e7a4f0ff320807e7cf3717178a633249611d94ff9e6196284516b

  • SSDEEP

    786432:UU9AOQL7QqMoknvNpA+vIlo0FdGgrnKvIjjk3ESWqEp+0/pWTf0ca+S:jAOQnQqMrlpA+Ql4XvIswqrSIfa+S

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\wavekey.exe
    "C:\Users\Admin\AppData\Local\Temp\wavekey.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1708
    • C:\Users\Admin\AppData\Local\Temp\wavekey.exe
      "C:\Users\Admin\AppData\Local\Temp\wavekey.exe"
      2⤵
      • Loads dropped DLL
      PID:1800

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI17082\python311.dll

    Filesize

    1.6MB

    MD5

    4fcf14c7837f8b127156b8a558db0bb2

    SHA1

    8de2711d00bef7b5f2dcf8a2c6871fa1db67cf1f

    SHA256

    a67df621a383f4ce5a408e0debe3ebc49ffc766d6a1d6d9a7942120b8ec054dc

    SHA512

    7a6195495b48f66c35b273a2c9d7ff59e96a4180ea8503f31c8b131167c6cdddd8d6fe77388a34096964a73c85eab504281a14ae3d05350cfee5c51d2491cec8

  • memory/1800-738-0x000007FEF59E0000-0x000007FEF5FC8000-memory.dmp

    Filesize

    5.9MB