Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

32198314bb...0N.exe

windows7-x64

7

32198314bb...0N.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    95s
  • max time network
    101s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12/07/2024, 04:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    32198314bb43b219c0fa2caf1ebf3200N.exe

  • Size

    9.1MB

  • MD5

    32198314bb43b219c0fa2caf1ebf3200

  • SHA1

    39940ddd786b050402196fe7e2e4ccc0af8030df

  • SHA256

    dce871f41998656c962a289bf09f706ad7fa7fc92868b62a94e32e6116379da8

  • SHA512

    b8738352b159b30fc8bf7f065275fef452f66139e96191f7cbbdbc3e8cf1ce74cba92ac2514f2cdc3dbe9982dd01c292e63ed15d094c6a88a83ce184c8c6a7dc

  • SSDEEP

    196608:c++++++++++++++++++++++++++++++++++++++++++++g:H

Score
7/10
upx

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Drops file in System32 directory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\32198314bb43b219c0fa2caf1ebf3200N.exe
    "C:\Users\Admin\AppData\Local\Temp\32198314bb43b219c0fa2caf1ebf3200N.exe"
    1⤵
    • Drops file in System32 directory
    PID:3564
  • C:\Windows\SysWOW64\svrwsc.exe
    C:\Windows\SysWOW64\svrwsc.exe
    1⤵
    • Executes dropped EXE
    • Drops file in System32 directory
    PID:4116

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Windows\SysWOW64\svrwsc.exe
    Filesize

    9.2MB

    MD5

    f09d2e41d2a4e713ac104a0c7c1bc829

    SHA1

    9c7d479f48370fb79368f6016fac9d8112aea230

    SHA256

    1774f4229d7133e9ad46d91981ba6d73f6dd12563a9a8aa770fd52cedd0fada8

    SHA512

    390b31ab8bd7a5132f9fe9dffcc27bfa412f86743495f5cff81a47b58d8287064fb5a978e3f57662e04b85a55091b6cfd6db098d14b2276b956b246bcb58ebd6

    Download Submit

  • memory/3564-0-0x0000000000400000-0x000000000042B000-memory.dmp

    Filesize

    172KB

    Download

  • memory/3564-1-0x0000000000401000-0x0000000000402000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3564-2-0x0000000000400000-0x000000000042B000-memory.dmp

    Filesize

    172KB

    Download

  • memory/3564-9-0x0000000000400000-0x000000000042B000-memory.dmp

    Filesize

    172KB

    Download

  • memory/4116-6-0x0000000000400000-0x000000000042B000-memory.dmp

    Filesize

    172KB

    Download

  • memory/4116-10-0x0000000000400000-0x000000000042B000-memory.dmp

    Filesize

    172KB

    Download