Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
15s -
max time network
20s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
24/09/2024, 15:49
General
-
Target
SkyexchangeRework.exe_spiggma.exe
-
Size
80.1MB
-
MD5
8b0c5628143a952cb935b5a1d5acc07d
-
SHA1
137493a3df309d756884e60d2f64a0f4cd7b601f
-
SHA256
54cf84f5a988a8e4dfa86bf48a207ca8b5e7930934c3ba7759985ad39f38bdae
-
SHA512
48b7fd0f47d378c1ea5e8346ddf48a72817820b5a15d8b50ea1e75567e11d2a564a7deaa77802b9fe7aa0373e54161ef0d88d0fe7d7014f88877c87559f4eb1e
-
SSDEEP
1572864:UvNBYQ3j0cSk8IpG7V+VPhqcPE70jCDPRQvljSvOul/JGZGHkVZWT9EtsB7A:UvNBY+LSkB05awcVuD2wOuNzSO9p7
Malware Config
Signatures
-
Loads dropped DLL 1 IoCs
-
UPX packed file 2 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\SkyexchangeRework.exe_spiggma.exe"C:\Users\Admin\AppData\Local\Temp\SkyexchangeRework.exe_spiggma.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\SkyexchangeRework.exe_spiggma.exe"C:\Users\Admin\AppData\Local\Temp\SkyexchangeRework.exe_spiggma.exe"2⤵
- Loads dropped DLL
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
1.6MB
MD5546cc5fe76abc35fdbf92f682124e23d
SHA15c1030752d32aa067b49125194befee7b3ee985a
SHA25643bff2416ddd123dfb15d23dc3e99585646e8df95633333c56d85545029d1e76
SHA512cb75334f2f36812f3a5efd500b2ad97c21033a7a7054220e58550e95c3408db122997fee70a319aef8db6189781a9f2c00a9c19713a89356038b87b036456720
-
Filesize
5.9MB