Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

ee08e8c830...0N.exe

windows7-x64

7

ee08e8c830...0N.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    16s
  • max time network
    17s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    29/08/2024, 02:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ee08e8c830b6885eaecadb3dd6a0b190N.exe

  • Size

    9.8MB

  • MD5

    ee08e8c830b6885eaecadb3dd6a0b190

  • SHA1

    7b4641bcdf8df566905baceddba7b83c7a6836de

  • SHA256

    a2703d477301bfc6d810b5882314e786127a05cf0de1032b5b6098daf1447c41

  • SHA512

    1592e1b8a9cd6090979a152af2e936f8d4b36e4ec8398ece2b6e7cdfea94716a6d08c39e3081855e39b9d836598bc28c83061a7662db12a85fff36031ffad1e6

  • SSDEEP

    98304:2ssssssssssssssssssssssssssssssss1WWWWWWWWWWWWWWWWM:n

Score
7/10
upx

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • UPX packed file 3 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Drops file in System32 directory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ee08e8c830b6885eaecadb3dd6a0b190N.exe
    "C:\Users\Admin\AppData\Local\Temp\ee08e8c830b6885eaecadb3dd6a0b190N.exe"
    1⤵
    • Drops file in System32 directory
    PID:448
  • C:\Windows\SysWOW64\svrwsc.exe
    C:\Windows\SysWOW64\svrwsc.exe
    1⤵
    • Executes dropped EXE
    • Drops file in System32 directory
    PID:832

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Windows\SysWOW64\svrwsc.exe
    Filesize

    10.1MB

    MD5

    7e2912b8821991f679319cb6978521ef

    SHA1

    f9c670f5ff9e8f3c12e56d8ae8323a04bc8d2714

    SHA256

    6bc4b02dca8d22f1a0503821ae0dda0b40cc382d01e9414609aa57b454ac248f

    SHA512

    f8f7d16d23d7e4814874258981051319d0ffd209578a288ead195ae1db7061a9649c03b602f0afe9e8f1313674c23423771b79539e122c6ff9cde43d3c00533d

    Download Submit

  • memory/448-0-0x0000000000400000-0x000000000042B000-memory.dmp

    Filesize

    172KB

    Download

  • memory/448-1-0x00000000003B0000-0x00000000003B5000-memory.dmp

    Filesize

    20KB

    Download

  • memory/448-2-0x0000000000400000-0x000000000042B000-memory.dmp

    Filesize

    172KB

    Download

  • memory/448-8-0x0000000000400000-0x000000000042B000-memory.dmp

    Filesize

    172KB

    Download

  • memory/832-5-0x0000000000400000-0x000000000042B000-memory.dmp

    Filesize

    172KB

    Download

  • memory/832-7-0x0000000000400000-0x000000000042B000-memory.dmp

    Filesize

    172KB

    Download