Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

Abyss.exe

windows7-x64

7

Abyss.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    12/07/2024, 13:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Abyss.exe

  • Size

    15.9MB

  • MD5

    0ba5fcce81cf9d8972499c1afae20c80

  • SHA1

    b1d471f3350d70e2825e21904edd8315e642097d

  • SHA256

    311e4cc88e9034bbb5c758f11333e67c72ff0ed8d84557a3205a4d86bedd4e95

  • SHA512

    f41b0f7dc97c609863e747bfb303419a1da03b8b3ce8adf22c74da9132d5d04f4d5fa4bfdf52d90f8a0dcf9d99ae870c5270f9f6b0abe771a7d369300a425f3b

  • SSDEEP

    393216:8mc4gP8AxYDX1+TtIiFGMiP1gZY9Z8D8CclzEJ0oO:834bX71QtIWiP2a8DZcJT

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Abyss.exe
    "C:\Users\Admin\AppData\Local\Temp\Abyss.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2152
    • C:\Users\Admin\AppData\Local\Temp\Abyss.exe
      "C:\Users\Admin\AppData\Local\Temp\Abyss.exe"
      2⤵
      • Loads dropped DLL
      PID:1764

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI21522\python312.dll
    Filesize

    6.6MB

    MD5

    3c388ce47c0d9117d2a50b3fa5ac981d

    SHA1

    038484ff7460d03d1d36c23f0de4874cbaea2c48

    SHA256

    c98ba3354a7d1f69bdca42560feec933ccba93afcc707391049a065e1079cddb

    SHA512

    e529c5c1c028be01e44a156cd0e7cad0a24b5f91e5d34697fafc395b63e37780dc0fac8f4c5d075ad8fe4bd15d62a250b818ff3d4ead1e281530a4c7e3ce6d35

    Download Submit