Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

TeX2img/Azuki.dll

windows7-x64

1

TeX2img/Azuki.dll

windows10-2004-x64

1

TeX2img/TeX2img.exe

windows7-x64

1

TeX2img/TeX2img.exe

windows10-2004-x64

1

TeX2img/TeX2imgc.exe

windows7-x64

1

TeX2img/TeX2imgc.exe

windows10-2004-x64

1

TeX2img/ja...es.dll

windows7-x64

1

TeX2img/ja...es.dll

windows10-2004-x64

1

TeX2img/mudraw.exe

windows7-x64

1

TeX2img/mudraw.exe

windows10-2004-x64

3

TeX2img/pd...aw.exe

windows7-x64

1

TeX2img/pd...aw.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    141s
  • max time network
    132s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240910-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240910-enlocale:en-usos:windows10-2004-x64system
  • submitted
    30/09/2024, 08:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    TeX2img/TeX2imgc.exe

  • Size

    7KB

  • MD5

    f711586915291e7c63bb3d22fdd8104a

  • SHA1

    44f22b40d810e3d874109b7dcce76b703fb99ba7

  • SHA256

    781c63e01d5962f17dd0fdbfde1605c9d3a6e27bdef139c40647909b87f822d2

  • SHA512

    94b032e6c56a51ad02cd4ce6ecd84ed84804814684f8dbc99dab96d58817545cc3b86a963cc163409eace9d162f1309ed1c505a1ca22c9fa9f0b2529e66c8481

  • SSDEEP

    96:EkE3FR+oHVVmEmZOcwqY+3WRCSqa2r37z+BwZ+t5MCyX9LIT5zNt:EkE3FR+ojm4cUw3X7zZZ+t5MCE9Lk7

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\TeX2img\TeX2imgc.exe
    "C:\Users\Admin\AppData\Local\Temp\TeX2img\TeX2imgc.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:868
    • C:\Users\Admin\AppData\Local\Temp\TeX2img\tex2img.exe
      "C:\Users\Admin\AppData\Local\Temp\TeX2img\tex2img.exe" /nogui
      2⤵
        PID:3092

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/868-0-0x00007FFA6F4F3000-0x00007FFA6F4F5000-memory.dmp

      Filesize

      8KB

      Download

    • memory/868-1-0x000001CEB1F10000-0x000001CEB1F18000-memory.dmp

      Filesize

      32KB

      Download

    • memory/868-3-0x00007FFA6F4F0000-0x00007FFA6FFB1000-memory.dmp

      Filesize

      10.8MB

      Download

    • memory/868-13-0x00007FFA6F4F0000-0x00007FFA6FFB1000-memory.dmp

      Filesize

      10.8MB

      Download

    • memory/3092-2-0x00000224E7320000-0x00000224E763C000-memory.dmp

      Filesize

      3.1MB

      Download

    • memory/3092-6-0x00007FFA6F4F0000-0x00007FFA6FFB1000-memory.dmp

      Filesize

      10.8MB

      Download

    • memory/3092-7-0x00007FFA6F4F0000-0x00007FFA6FFB1000-memory.dmp

      Filesize

      10.8MB

      Download

    • memory/3092-8-0x00000224ECFE0000-0x00000224ED002000-memory.dmp

      Filesize

      136KB

      Download

    • memory/3092-9-0x00007FFA6F4F0000-0x00007FFA6FFB1000-memory.dmp

      Filesize

      10.8MB

      Download

    • memory/3092-11-0x00007FFA6F4F0000-0x00007FFA6FFB1000-memory.dmp

      Filesize

      10.8MB

      Download